Symantec: Phishers targeting social-networking sites

By Darren Osborne and Alex Serpo, ZDNet Australia
Thursday, April 10, 2008 12:00 PM

Social networking Web sites are fast becoming a key target for online fraud, according to the latest Symantec Internet Security Threat Report.

The report reveals for the second half of 2007 there were 87,963 "phishing hosts", an increase of 167 percent from the first half of 2007. The report said that "66 percent of phishing attacks in the United States were directed toward social networking sites".

Symantec Australia managing director Craig Scroggie said social networking Web sites are a treasure trove of personal data, listing information such as birthdate, location and employment history.

"[Users of these] Web sites are putting up a large amount of confidential information that is being used for fraudulent activity and financial gain," Scroggie said. The Symantec report notes that social networking sites are attractive to cybercriminals because such pages "are generally trusted by users".

Personal information is collected and sold on the Internet black market, for as little as US$1. "We're starting to see the area mature significantly," Scroggie said.

The report also notes that vulnerabilities in Web sites are more popular malware vectors as they allow for more sophisticated and multi-staged attacks.

He added that some people used the proceeds of these sales to fund further attacks. "People are employing programmers dedicated to the production of those threats," Scroggie said.

While the report found most attacks continued to occur and originate in the United States, China is becoming increasing important as a source of malicious code.

"Russia was implicated in the widespread distribution of malicious code over the last couple of years. That dropped off in 2007," Scroggie said, "but [security threats] have recently re-emerged in China."

Scroggie said the spread of malicious code was expected to increase, with the growing use of portable data storage devices. "There is an increased security threat from portable media devices, whether it be a USB flash drive or a MP3 player," he said.


See also:  Web 2.0
WORTHWHILE?

0

0 votes
Blog

Talkback 0 comments

There are currently no comments for this post.


Tech Jobs Now!

Search for your ideal tech job:

News from Countries/Region

Common ways IT wastes money on development

Web Development

Examples include using developers as support staff and failing to calculate a project's ROI before giving it the go-ahead.


Read more »



  • Enterprise 2.0

    Vince Casarez, vice president of product management at Oracle, explains how Web 2.0 technologies, such as tags, wikis, and mash-ups, can be applied within an organization.
    Play video


  • Nehalem Architecture

    What makes next-generation Intel® Microarchitecture (Nehalem) such a superior successor?
    Play video

 
On demand CRM goes strategic
CRM technology has come of age, and is now able to align with your customer strategy and grow in step with your business.

» Learn more about Oracle’s CRM Solutions


Free the untapped potential of your IT infrastructure
Reduce bottlenecks to drive the efficiency and productivity of Business IT.
» Ultimate virtualization blade
» Scalable SAN solution
» Accelerate service delivery

Could this be the most critical budget for India?

Blog thumbnail

For business journalists in India, budget time is excitement time. It's like sports journos covering the Olympics. As a newspaper correspondent, I too had my fill of budget-time excitement. But..... by Swati Prasad

Read more »

Tags

  1. attack
  2. bank
  3. blog
  4. data security
  5. e - mail
  6. hacking
  7. internet
  8. malware
  9. microsoft corp.
  10. network
  11. network security
  12. pc security
  13. researcher
  14. security
  15. security management
  16. software
  17. spam and phishing
  18. u.s.
  19. viruses and worms
  20. web