Cyber criminals step up the pace
Cyber criminals step up the pace
So-called phishing attacks that try to trick people into handing over confidential details have boomed in 2004, say security experts. The number of phishing e-mail messages stopped by security firm MessageLabs has risen more than tenfold in less than 12 months. In 2004 it detected more than 18 million phishing e-mail messages. Other statistics show that in 2004 73% of all e-mail was spam and one in 16 messages were infected with a virus. In its end-of-year report, MessageLabs said that phishing had become the top security threat and most popular form of attack among cyber criminals. In September 2003, MessageLabs caught only 273 phishing e-mails that tried to make people visit fake versions of the websites run by real banks and financial organisations. But by September 2004 it was stopping more than two million phishing related e-mail messages per month. Worryingly, said the firm, phishing gangs were using increasingly sophisticated techniques to harvest useful information such as login details or personal data. Older attacks relied on users not spotting the fact that the site they were visiting was fake, but more recent phishing e-mails simply try to steal details as soon as a message is opened. Other phishing scams try to recruit innocent people into acting as middlemen for laundering money or goods bought with stolen credit cards. “E-mail security attacks remain unabated in their persistence and ferocity,” said Mark Sunner, chief technology officer at MessageLabs. “In just 12 months phishing has firmly established itself as a threat to any organisation or individual conducting business online,” he said. Mr Sunner said MessageLabs was starting to see some phishing attacks become very focused on one company or organisation. “Already particular businesses are threatened and blackmailed, indicating a shift from the random, scattergun approach, to customised attacks designed to take advantage of the perceived weaknesses of some businesses,” he said. Although phishing attacks grew substantially throughout 2004, viruses and spam remain popular with cyber-criminals and vandals. One of the biggest outbreaks took place in January when the MyDoom virus started circulating. To date the company has caught more than 60 million copies of the virus. Also up this year was the amount of spam in circulation. In 2003 only 40% of messages were spam. But by the end of 2004, almost three-quarters of messages were junk.