Posted on 03/21/2005 10:44:50 AM PST by tomball
More than half of recent major Internet threats try to harvest personal information, a sign that financial gain is behind the attacks, according to a Symantec study.
Identity theft features were found in 54 percent of the top 50 malicious codes detected between July and December last year, the security company said in a report released Monday. That marks an increase on the 36 percent found during the same period in 2003.
"This represents a clear trend that attackers have gone from seeking fame to seeking fortune," said Oliver Friedrichs, senior manager with Symantec Security Response.
Computers are increasingly coming under attack from Trojan horses, worms and viruses that attempt to glean users' cached log-on data and passwords to financial information. This trend is not likely to slow down soon, Friedrichs noted.
The study also detected a rise in phishing attempts, used by financially motivated attackers. Phishing scams, which rely on social engineering to dupe people into providing sensitive financial and confidential information, use fake e-mails and Web sites that look like legitimate sites.
Symantec said that by the end of December, it was blocking an average of over 33 million phishing attempts a week--up from an average of 9 million a week in mid-July.
Regulatory intervention and technological means of checking the legitimacy of e-mails have been suggested as methods of reducing identity threat attacks. But regulations are somewhat limited, because the individuals behind the scams are already breaking the law and show an apparent disregard to rules and regulations, Friedrichs said.
He added that technology, in its current form, is also hard-pressed to combat phishing e-mails and identity threat attacks.
"Most of the technology today is in its infancy," Friedrichs said. "There are a number of efforts underway to create standards to validate these e-mails, but right now there is no clear standard that has been incorporated into technology."
The study also found an increase in the number of flaws in Web applications, which could let attackers get past traditional protections such as firewalls. Vulnerabilities in Web applications accounted for 48 percent of the total number of flaws detected between July and December, up from 39 percent during the first six months of the year.
"Attacks are increasingly focusing on the Web server, which is one of the few things exposed externally," Friedrichs said, referring to the server's placement outside the network wall.
BUMP!
Norton and all the anti-virus companies probably create all the viruses themselves. Ever notice how quickly they come out with downloadable software to pay for after any really bad virus attack?
Is anybody aware of antiVirus or antiSpyware packages for Linux based operations? I would appreciate any link to such information.
LINUX Antivirus available from Medina, Ohio based Central Command
http://www.centralcommand.com/linux_server.html
F-Prot Antivirus for Linux Workstations
- for home users
Free for homeuse
There is a simple way to solve the problem, I think, I thought of it several years ago, and no one I know that is capable wants to impliment it.
If anyone here is programming guru and wants to work on my idea, let me know via freep mail.
I should clarify, my idea will deal with phishing e-mails.
Are you using your linux box as a file or mail server for MSWin boxes? If so, there are several available to ride herd to protect winboxes downstream of your servers. If you are just trying to protect your personal Linux system, a firewall should be enough since Windows viruses/malware can't "live" in a Linux environment.
On a semi-related vein, if you want a web-content filter to keep surfing pretty clean for your kids/organization, I can recommend dansguardian.
Which goes a long way toward explaining why people don't give a damn about Macs. There simply aren't enough of them.
That's my take on it as well. Reminds me of the Mafia and their "protection" rackets. "Youse pays us, an' don' break youse legs."
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.