« Soccer Fans Kicked by Keylogger, Man-in-the-Middle Attack | Main | The Scary Side of Web 2.0 »
Tuesday
Jan292008

The Intricacies of Explaining Cybercrime

On Monday, USA Today posted a great article on the increasing sophistication of cybercriminals.

We tip our hat to the publication’s ongoing efforts to provide Internet users with the latest and greatest on the dangers lurking on the Web.  The media plays a critical role in educating and empowering users looking to surf safely.   

We also appreciate that explaining the ins and outs of cyber attacks and malicious code is difficult to do within the confines of column inches.  As a result, the intricacies of a very complex cyberthreat landscape often can be blurred.

For example, the USA Today article states that, “This month, someone has tainted tens of thousands of mom-and-pop e-commerce sites, Landesman says. Clicking to one of these sites can trigger ads selling fake anti-spyware or turn the visitor's PC into a hub for clicking on Web ads, while routing the ad payment to the intruder.”

In fact, the recent attack on over 10,000 websites does not lead to clickfraud but to something far more sinister and far more prevalent—the installation of password-stealers and backdoor Trojans. The majority of impacted sites we've observed are small “mom and pop” type websites and how the attackers gained access still remains a mystery

Password-stealers and backdoor Trojans are often used for credit card fraud and identity theft. (In the U.S. alone, identity theft claims a new victim every 3.5 seconds).  The 'success' of the recent ‘mom & pop’ site compromises is sobering - since its onset, those attacks represent 11% of our total blocks.

Clickfraud, on the other hand, accounts for only 4 percent of all the malware we blocked during the same period (and, again, there’s no clickfraud connection to the “mom and pop” site attack).

Both clickfraud and the more nefarious (and more prevalent) downloaders, password stealers, and backdoors foisted through compromised websites are a concern to all Internet users. Ultimately though, clickfraud is a more B2B concern, while password stealers and backdoor Trojans hit closer to home – right in your pocketbook.

AuthorMary Landesman | CommentPost a Comment | DateTuesday, January 29, 2008 at 05:44AM

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
Post:
 
Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>
Alert
Comment Moderation Enabled
Your comment will not appear until it has been cleared by a website editor.

Notify me of follow-up comments via email.