The RDV Group InfoSec Blog

Wednesday, April 05, 2006

Phisher Kings Court Your Trust

Brian Grow has another piece in Business Week that's worth a look. This is a fairly extensive article that quotes a lot of sources and makes some good points. He references some of the more busy worms, like Bagle, and some of the newer, less well-known Trojans, like Hearse: "... The attachment -- labeled lawsuit.exe -- is a new variant of a computer worm called Bagle. When worried victims open the attachment, malicious code embedded in its text downloads onto their PCs, and then swiftly harvests all their e-mail addresses to send out even more spam. That second wave uses the victim's personal e-mail address to send malicious code disguised as, say, a Paris Hilton sex video, to friends and associates."

There isn't a lot new and earth-shaking in the article, but he does hit the major point, that although more users are getting savvy to the basic email schemes, $ losses are increasing, as fraudsters get more sophisticated and mercenary: "... A 2005 survey by Gartner found that just 2.5% of phish recipients responded with personal or financial information, down from 3% in 2004. But fraud losses connected to the theft of such information off the Web still rose from $690 million in 2004 to $1.5 billion last year."

I tried to make the same point on Business Week TV on April 02, that phishers have progressed from badly spelled emails, to well-funded criminal enterprises, sometimes even operating with the blessing of their governments.


Post a Comment

<< Home