MICROSOFT SECURITY INTELLIGENCE REPORT: CYBERCRIMINALS TARGETING CONSUMERS
Bernama (12 May 2011) Recent study indicates a "polarization" in cybercriminal behavior and increase in "marketing-like" approaches KUALA LUMPUR' 12 May 2011 - Today Microsoft Corp. released its Security Intelligence Report volume ten' which highlights a polarization in terms of cybercriminal behavior and a significant increase in the use of "marketing-like" approaches and deception tactics to steal money from consumers. The Security Intelligence Report focuses on 2010 with new information for the period of July
to December and gathers analysis of data from more than 600 million systems worldwide. From the Security Intelligence Report' we are seeing a divergence in cybercriminal behavior. On one side' highly sophisticated criminals skilled at creating exploits and informed with intelligence about a target’s environment'
pursue high-value targets with large payoffs. On the other side' there are cybercriminals using more accessible attack methods' including social engineering tactics and leveraging exploits created by the more skilled criminals' to take a small amount of money from a large number of people. These attack methods include the use of rogue security software' phishing using social networking as the lure' and adware' all which have increased in prevalence in
2010. Attackers continue to incorporate social lures that appear to be legitimate marketing campaigns and product promotions. Six of the top ten most prevalent malware families in the second half of 2010 fall into these categories of attack methods. Criminals using these malware families make money through tricking users with pay-per-click schemes' false advertisements' or fake security software for sale. Additionally' the report highlights an increase of over 1'200 percent in phishing using social networking as the lure' as these venues have
become lucrative hot beds for criminal activity. "The software industry lead by Microsoft has significantly improved customer protections and guidance for some time now'" said Vinny Gullotto' general manager of the Microsoft Malware Protection Center (MMPC). "These efforts are
making a difference but there is more work to do. We continue to see cybercriminals evolve attack methods such as a significant rise in social network phishing." According to the report' phishing using social networking as the lure increased from a low of 8.3 percent of all phishing in January to a high of 84.5 percent in December 2010. The popularity of social networking sites has created new opportunities for cybercriminals to not only lure unsuspecting users' but also friends' colleagues and family through impersonation. These methods add to an existing list of social engineering techniques' such as financial and product promotions through email and instant messenger' to extort money or trick users into downloading malicious content. The Security Intelligence Report also shows that worldwide detections of adware increased 70 percent from the second quarter to the fourth quarter of 2010. The detection of a new pair of adware families' JS/Pornpop and Win32/ClickPotato' between July and September 2010 contributed significantly to this increase. ClickPotato is a program that displays pop-up and notification-style
advertisements' based on the users’ browsing habits' and Pornpop is an adware family that attempts to display pop-under advertisements in users’ web browsers that usually contain adult content. "With more consumers and devices coming online every day' cybercriminals now have more opportunities than before to deceive users through attack methods like adware' phishing and rogue security software'" said Graham Titterington'
principal analyst' Ovum. "It’s becoming increasingly difficult for consumers to decipher legitimate communications and promotions given the sophistication of
tools criminals are using' so it’s more important than ever to provide information and guidance about these online threats to increase protections and awareness." Additionally' rogue security software' or scareware' has quickly become one of the most common ways for cybercriminals across the globe to acquire money and
private information from unassuming computer users. Rogue security software families' including the most prevalent' Win32/FakeSpypro' appear similar to legitimate security software providing a false sense of protection' and if
trusted and clicked by the user' downloads itself and compromises systems. In 2010' Microsoft protected nearly 19 million systems from rogue security software. The top five rogue security software families were responsible for 70
percent or approximately 13 million of those detections. In Malaysia' the most common category in 4Q10 was Worms' which affected 35.8 percent of all infected computers' down from 41.4 percent in 3Q10. This was closely followed b Misc. Potentially Unwanted Software' which affected 27.5
percent of all infected computers' an increase from 25.4 percent in 3Q10. The third most common category in Malaysia in 4Q10 was Misc. Trojans' which affected 24.7 percent of all infected computers' up from 23.0 percent in 3Q10. To this Gullatto said "While criminals work to evolve their attack methods' Microsoft and the industry will continue to collaborate with partners and customers to improve security and privacy and increase awareness. A combined effort helps to protect the broader online community from the threats
propagating today and develop more secure software solutions to prevent criminals from reaping the benefits." Internet Users and Online Threats Apart from malicious and potentially unwanted software' Malaysian internet user also face other forms of threats. According to YBhg Lt. Col. Dato’ Husin Hj Jazri (Retired)' Chief Executive Officer' CyberSecurity Malaysia; Ministry of
Science' Technology and Innovation (MOSTI)' internet users remain open to cybercrimes and other online threats' and this is due to the low awareness surrounding the issue. "The level of awareness among Malaysian Internet users on safety issues in cyberspace needs to be intensified' now more than ever' to keep up with the rapidly growing number of citizens. Currently there are 17 million internet
users in Malaysia. In quarter 1 2011' Cyber999 Security Incident Help Centre handled 3563 incidents and 36% of those (or 1273 incidents) are related to online fraud. While the numbers are worrying' we are also happy to see that members of the public notifying us when they come across a fraudulent website or emails" Furthermore' he also added that CyberSecurity Malaysia is also dealing with issues like phishing sites proactively by releasing a browser plug-in called ‘DontPhishme’ for Internet users. Once installed' this security plug-in allows
automatic detection of fake banking sites and educates the public about the danger of identity theft. Microsoft encourages employing the following best practices for securing networks' software and devices.
· Protect Your PC: Online safety guidance to protect information when surfing online and accessing the many cloud services available.
· Protect Your Organization: Leverage best practices for securing networks' software and customers by implementing information security policies' promoting awareness' defending against malware and securing network infrastructure.
· Get The Latest Software: For Microsoft customers' newer software' like Windows 7 and Internet Explorer 9' offers the most up-to-date protections to help keep information safe. Data for Microsoft’s Security Intelligence Report is captured by Microsoft products and tools including Forefront security products' Windows Defender'
Microsoft Security Essentials' Windows Internet Explorer' Bing and the Malicious Software Removal Tool (MSRT). A downloadable version of SIRv10 and other related resources are available at www.microsoft.com/sir. Note to editors: For more information' news and perspectives from Microsoft' please visit the Microsoft News Center at http://www.microsoft.com/news. Web
links' telephone numbers and titles were correct at time of publication' but may have changed. For additional assistance' journalists and analysts may contact
Microsoft’s Rapid Response Team or other appropriate contacts listed at http://www.microsoft.com/news/contactpr.mspx. About Microsoft
Microsoft (Malaysia) Sdn Bhd (www.microsoft.com/malaysia) is a subsidiary of Microsoft Corporation and was incorporated on July 8' 1992. Founded in 1975' Microsoft (NASDAQ "MSFT") is the worldwide leader in software' services and Internet technologies for personal and business computing. The company offers a wide range of products and services designed to empower people
through great software – any time' any place and on any device. |
