|
|
|
|
|
Trend Micro Reveals Top Ten Summer Holiday Threats For 2009
Published Aug 10, 2009
|
Data released from TrendLabs, Trend Micro's global threat research and support organisation, reveals that cybercriminals are taking advantage of some of these activities by tailoring their scams towards some of these.
The top ten summer 2009 threats feature:
10. If it looks too good to be true, it probably is discount Hunter Traps
Discounts and special bargains are a common feature of summer time with retailers counting on shoppers spending more time looking for the best deals. These bargains are also a popular tool for malware writers to lure users into clicking on malicious links, buying goods from specifically crafted fake websites and often making products seem irresistible to buyers. Recent cases include:
TROJ_AYFONE.A this Trojan displayed fake advertisements about the then newly released Apple iPhone, as well as a fake website of an online store where it can be bought. Bogus MSN Spam Features Malicious Software
9. Trojans aboard fake travel deals and airline notifications
Booking tickets online is more convenient and often quicker than through local travel agencies. Cybercriminals have long been leveraging this consumer convenience by creating tailored spam messages to phish for credit card information. Some of these scams have so far included:
Spoofed Delta Airlines Contains Malware
Your eTicket Makes a Worm Fly
Flying Phish
Trojan aboard LaoAirlines
8. E-commerce phishing attacks
With millions of unique online audiences, eBay is one of the most popular online retailers and also a top phished website. Online shoppers are a primary target for information theft with cybercriminals continuously weaving sophisticated schemes to extort user information for financial gain, including:
Hit and Run by Doppelgängers
What's the Worst that Can Happen?
Missing Tag Foils Compromise
PayPal's 10th Year Anniversary Phished
Cyber criminals were also found able to fake a good reputation on eBay through ratings manipulation.
7. Seasonal scams
Major sporting and holiday events have regularly been exploited by cybercriminals:WALEDAC Celebrates Independence Day, Too
6. Malicious files
During the summer, consumers spend more time online downloading files. While the exchange of a majority of movies, TV episodes, music and software over P2P constitute piracy, its persistence nevertheless lures more users into the practice. The danger with these sites is that users are typically not aware of the veracity of files they are downloading. This has been the case in the following attacks:
Cybercriminals Launch Tainted Windows 7 RC
Mac Trojan Hidden Behind Pirated iWork '09
5. Summer movies cybercriminals are watching you For most countries,
the summer season is the time to lay back and relax watching movies is one such leisure activity. Big budget and blockbuster movies are also often slated for release in summer because larger audiences are expected to flock theaters then. This in fact happened in the previous years:
Free Malware Passes for Italian Harry Potter Fans
Pirates Trojan Keel Hauls Surfers
'Lust, Caution' Steam Builds on
4. News and viral videos
Students on holiday with more time on their hands typically spend more time online to stay up to date with notable events. Cybercriminals thus take advantage of students' boredom, luring them to click links to fake news reports or videos, to infect their systems, including scams like:
'Solar Eclipse 2009 in America' Leads to FAKEAV
Michael Jackson Video Leads to Malware Download
Italy: Political Controversy Spam
3. Searching… for you
News, new movie releases and juicy gossip are popular searches for people who want to always be 'in the know'. Cybercriminals are increasingly creating poised search results related to the hottest news in order to direct consumers to malicious websites with recent scams, such as:
Blackhat SEO Quick to Abuse Farrah Fawcett Death
Scammers Ride on H1N1 Global Pandemic
Air France Flight 447 Search Results Lead to Rogue Antivirus
2. High traffic websites
High traffic websites over the summer holidays typically include those of travel agents, hotels, shopping sites and others which draw people into last minute deals and discounts. In order to target as many potential victims as possible, cybercriminals are also trooping to these sites, following the crowd as it seems. Below are examples of such scams:
Massive SQL Injection Ensues
A Worrying Trend of Compromised Websites
1. Social threatworking
The summer season is also a popular time to connect with friends and family. As this is frequently done via social networking sites like Facebook, Twitter, Bebo and others these sites are an extremely popular platform for cybercriminals to hijack accounts, steal identities and create tailored scams, for example:
Rogue DNS Targets Popular Russian Social Networking Site
Koobface Tweets
Bogus Facebook, Malware, and a Dancing Girl
'Information collected through phishing attacks is very valuable to attackers. Not only is there a thriving black market for email addresses that can utilised by spammers, and which are generally sold in batches of thousands but when you add login details to the situation it brings the financial possibilities to a whole different level' says David Sancho at TrendLabs, Trend Micro.
'The popularity behind social networking sites in particular, makes them a vulnerable target for cybercriminals. While we are seeing some summer threats distributed as email links and attachments, we are seeing more of these embedded into Web 2.0 links, many of them found on social networking sites. As these sites, such as Twitter, become more interactive and innovative, we expect to see more sophisticated security breaches and cybercriminal activity around these'.
Posted by
VMD - [Virtual Marketing Department]
|
|
|
