Phishing Attacks Rise Dramatically in 2008

Robert Siciliano Identity Theft Expert – Speaker

Stupid people get hooked by phishers. You have to be a complete idiot to get sucked into a scam email that has typos making requests that are geared toward naïve simple minded pea brain fools. Right? Yes? No? So why have phishing attacks risen dramatically in 2008? That’s 66% higher than in 2007.

Have we gotten dumber or are the attackers getting smarter?

RSA concluded that phishing attacks rose to an unprecedented 15,002 in April of 2008. Millions of people in mainly english speaking nations receiving ruse after ruse. 68% of US bank brands attacked. Less than 7% UK brands experiencing less than attacks.

However the UK takes the title for the most exploits as the most phished country in the world equating to 40% of the 135,426 cases detected by RSA.

This seems to be due to the UKs system allowing fraudulent transfers fast enough “real-time” to avoid detection. Criminals like real time fast cash.

Much of the success of phishers is that they are in fact getting smarter using “flax flux” attacks. *Fast flux is a technique used by botnets to hide phishing and malware delivery sites behind an ever-changing network of compromised hosts acting as proxies. It can also refer to the combination of peer-to-peer networking, distributed command and control, web-based load balancing and proxy redirection used to make malware networks more resistant to discovery and counter-measures. *Thank you Wikipedia.

Tonight I spent 2 hours on the phone in a webinar with a startup reviewing a fully functional toolbar that makes 54 checks to determine the validity of a website checking for phishing, pharming etc. All any bank needs to do is adopt the technology and require their clients to adopt it in the sign-in process. In most cases problems solved.

And do you know what we labored over in this call? How to get all the banks clients to install a simple toolbar that would protect them and the bank.

Why is this so difficult?

Robert Siciliano Identity Theft Expert discussing Scambaiter in video Here

Nuclear Weapons, CyberSecurity and an Unlocked Door.

Robert Siciliano Identity Theft Expert Speaker www.IDTheftSecurity.com

What happens when you have an unlocked door at the home of and employee at the top U.S. nuclear weapons laboratory? How about 3 stolen computers with yet to be disclosed data, that was said to be non-classified. We hope. Were the computers stolen to be resold for crack? Or for nuclear weapons secrets? We may never know. Or we may find out the hard way.

At the Los Alamos National Laboratory in Santa Fe New Mexico dozens more (67 total) systems are currently listed as missing. Officials are conducting a full review of the lab’s policies and procedures governing the use of official computers at employees’ homes.

Situations like this are common in every industry with every conceivable form of data. We just wish it wasn’t data from a nuclear weapons facility.

Its important to point out that the facility has as many as 40,000 computers including desktops, laptops, PDAs, printers and so on. Do the math, less than a .25 percent lost or stolen. The lab has been documented at a better than 99.5 accountability rate.

We know there is no such thing as 100% security whether protecting from hardware or data thieves. Security is an ongoing, never ending, consistent, on your toes, don’t let your guard down, vigilant process.

And its not just criminal hackers causing big problems, lowly burglars looking for their next bag of dope stole a laptop computer from the home of a government employee containing 26.5 million Social Security Numbers, a US primary identifier. This $500 laptop cost millions.

Can you say your organization has a 99.5% success rate?

What policies do you have in place to foster a security minded culture? Here are just a few bullets as examples for you to add too.

# Cover all organizational systems used for processing, storing or transmitting personal information.

# Security risks faced assessed in the development of the policy

# Cost-effective measures devised to reduce the risks to acceptable levels

# Monitored and periodically reviewed.

# Staff and management made aware of the protective security policies and how to implement them.

Robert Siciliano discussing another hack Here

Quarter Million Dollar Bounty for Criminal Hacker

Robert Siciliano Identity Theft Speaker and Expert

In a Microsoft press release a global bounty has been offered for the arrest and prosecution of whoever has created and released the “conficker” virus.

Conficker was released in the last quarter of 2008 and has infected a wide estimate of 2 million to 10 million PCs. After issuing patches, Microsoft estimates approximately 3 million PCs globally are still compromised.

However none of the PCs infected with the conficker are displaying any of the characteristics generally exhibited by the recent spate of viruses offering a remote control component and often used to host spoofed websites and other malicious fraud related activities.

Although, this virus is designed to constantly ping some 250 different domains that were most likely controlled by the criminal hackers that created it. The virus acts like any software calling home looking for an update, checking time/dates stamps and what version is running.

It is widely believed that conficker is waiting for its next set of updates to unleash the endgame its writers had in mind. BRILLIANT!

Many who study conficker as it phones home have been monitoring the 250 domains looking for the next “update”.

Each of these top level domains include .com, .net and .org. All of which fall under Internet Corporation for Assigned Names and Numbers (ICANN), who heads up the domain registration industry. ICANNs rules prohibit such reserving of domains. ICANN then worked with registrars in heading off any future registration of conficker sought domains.

What has been out of the control of ICANN has been .ws and .cn (China) based domains and due to the ferocity of conficker and negocitions by ICANN, China and other global registrars have agreed to make it difficult for conficker to continue to control its 250 base domains or seek others along the string.

What we are seeing here is a global effort by international agency’s, security professionals from around the world and Microsoft working together to defeat an unknown attacker, that if left un-matched, could infect a significant portion of the worlds computers.

This story is not over.

Robert Siciliano Identity Theft Expert-Speaker video discussing rise in identity theft Here