Living in the Age of the Internet Gangster, Part Three of Three: Sleeping with the Phishes . . .

Feb 28
18:23

2007

Etienne A. Gibbs

Etienne A. Gibbs

  • Share this article on Facebook
  • Share this article on Twitter
  • Share this article on Linkedin

One of the newest phishing trends to emerge has almost everybody in the security industry concerned: Trojan phishing. So-called Trojan programs, named after the horse of mythology that put the Greeks inside Troy's city walls, disguise themselves as beneficial files, but actually enable hackers to gain access to computers from remote locations to steal account information directly from a computer.

mediaimage

The most prevalent type of phishing scam involves setting up a site that has the complete look and feel of an online bank or a popular Internet destination,Living in the Age of the Internet Gangster, Part Three of Three: Sleeping with the Phishes . . . Articles like PayPal. Phishers send out e-mail to get unsuspecting users to log on and provide their account information, which is then stolen.

Another common tactic is to entice customers to buy products at what will turn out to be a fake e-commerce store. A cybercriminal will set up a phony Web site for a few weeks, collect orders, and then suddenly disappear.

One of the newest phishing trends to emerge has almost everybody in the security industry concerned: Trojan phishing. So-called Trojan programs, named after the horse of mythology that put the Greeks inside Troy's city walls, disguise themselves as beneficial files, but actually enable hackers to gain access to computers from remote locations to steal account information directly from a computer.

Some hackers use these Trojan-infected computers to set up networks of so-called "zombie" machines. The advantage to the hacking cybercriminal is that he/she/they will have a continuous data flow and little chance of detection.

The Trojans also give cybercriminals a way in to install keylogging software, which is quickly becoming the tool of choice for Internet gangsters. A study released recently by the digital-infrastructure company, VeriSign, discovered thousands of different kinds of keylogging programs in operation, with potentially hundreds of thousands of computers infected.

Keyloggers consist of coding that is secretly deployed and silently installed on unsuspecting consumers' computers. The software can record every keystroke on infected systems and send that information back to hackers automatically. Such programs often are piggy-backed in phishing email or spyware applications that are able to elude antivirus software and firewalls.

Some European and Asian governments are beginning to work with U.S. and British law enforcement agencies to fight back against cybercrime conglomerates. But the hackers' abilities to work thousands of miles from where the actual thefts occur give them a solid advantage and a degree of anonymity.

Accordingly, U.S. and British agents are trying hard to get other countries to cooperate in sharing cybercriminal information in a attempt bring cybercrime to a screeching halt. So far, that trust has been hard to establish, mostly because many countries don't understand the severity of the problem, according to security experts.

Cybercriminals can set up from foreign countries using stolen credit cards to establish accounts at various website hosting companies. Then they can point those web servers to other hacked servers, hijacking lots of web servers along the way.

According to cybercrime experts, this type of remote operation keeps rolling from one distant server to another as banks catch up with them and shut them down. Meanwhile, the cybercriminals never have to leave their homes. And the kick in the teeth to the innocent server owners is that they have no idea that this illegal activity is going on from their own servers.

Don't lose hope: Internet security firms are gradually turning the tide against cybercriminals. There is an increase in consumer awareness and software products are now able to warn web surfers of unsafe websites. With an increase of solutions popping up, the up-time of phishing sites is now being reduced to a safer level.

Some professional security firms, on the other hand, are seeing cybercriminals moving to places where there is no law enforcement. In the history of online fraud and security breaches, solutions never solve much of the threat criminals pose.

The only real solution for the consumer is prevention via education and a sophisticated managed security services. To protect yourself, you need an Internet security team of experts making sure that you, your family, and your business computer are always safe and secure. The best protection you can have in today's rapidly changing world of cyber-attacks is to have expert support for all your Internet security needs that will provide technical support without any hassles and without charging you extra fees. It will become even more critical than it is today as time goes on. You need to find your own personal team of experts to rely on. If you ever have a security problem, you will want to have a trusted expert you can call for professional help, without any hassles and extra costs!

Because cybercriminals are becoming smarter and more sophisticated in their operations, they are real threats to your personal security and privacy. Your money, your computer, your family, and your business are all at risk.

These cybercriminals leave you with three choices :

1. Do nothing and hope their attacks, risks, and threats don’t occur on your computer.

2. Do research and get training to protect yourself, your family, and your business.

3. Get professional help to lockdown your system from all their attacks, risks, and threats.

Remember: When you say "No!" to hackers and spyware, everyone wins! When you don't, we all lose!

© MMVII, Etienne A. Gibbs, MSW, The Internet Safety Advocate and Educator