Cybercrime-related threats are gaining momentum through the use of crimeware, software tools built with the purpose of committing online scams and stealing information from consumers and businesses. As Symantec noted in the previous Internet Security Threat Report, attackers are moving away from large, multiple purpose attacks against traditional security devices such as firewalls and routers. Instead, they are focusing their efforts on regional targets, desktops, and Web applications that may allow an attacker to steal corporate, personal, financial, or confidential information; this information could then be used for additional criminal activity. Programs that provide attackers with unauthorized control of a computer, known as bots, also contribute to the rise in cybercrime threats. While the number of bot-infected computers is 11 percent lower than last period—with an average of 9,163 infected systems identified each day during the current reporting period—bot networks are increasingly used for criminal activities such as denial of service (DoS)-based extortion attempts. Symantec estimates that this measurement is only capturing a portion of global activity and that the actual infection numbers are likely to be much higher. On average, Symantec observed 1,402 DoS attacks per day, a 51 percent increase over the previous reporting period. Symantec speculates that this growth trend will continue as attackers leverage an increasing number of Web-based application and browser vulnerabilities. In the previous report, Symantec speculated that attacks directed at Web applications would increase. During the current reporting period, 69 percent of the vulnerabilities reported to Symantec affected Web application technologies, a 15 percent increase over the previous period. Web application technologies, which rely on a browser for their user interface, present an easier target for attackers due to their availability over commonly allowed protocols such as HTTP. Symantec has also seen an increase in modular malicious code, which initially possesses limited functionality but is designed to update itself with new, more damaging capabilities. Modular malicious threats often expose confidential information that can then be used in identity theft, credit card fraud, or other criminal financial activities. During the last six months of 2005, modular malicious code accounted for 88 percent of the top 50 malicious code samples reported to Symantec, up from 77 percent last period.
Source: (http://blog.emagined.com/2009/09/05/cybercrime-trends/)
Interesting statement, but thats one of the ways hackers, even big corporations are utilizing these tools to get peoples information. There is couple of small other ways that they steal peoples information and a lot users don't even recognize, by buying their own software. Believe it or not it is one of the most common ways their are utilizing their scam to provide peoples with their own products. I am not saying that all of them are spy-aware,but some are, don't believe that if its free product that is going to work for you, it could work against you and you would not even know it that is why its good to research before you get for free or even buy it. Hackers on the other hand are more likely to use social engineering where they would call you and then claim that they are certain company or even bank, that way they get enough information from you and steal your identity. With out even trying to get in your computer.
ReplyDeleteYou should paraphrase your source in your own words; this is very important.
ReplyDelete