21 September 2004

Phishing: Preventive strategies

As Symantec has recently been publishing their version of the losses sustained from Phishing, the vendors are busy trying to grab market share. Preventive strategies and tools to thwart Phishing attacks are getting more mainstream as companies respond to the new threats.

All of the social engineering that goes into "Phishing" scams will heavily out maneuver the vendors new tools. The consumer is still running windows without patches and will continue to click on bogus e-mail that looks identical to the ones coming from their bank. ScamBlocker, Phishnet and the rest of them will continue to evolve yet the financial losses will continue.

The Symantec point of view is nothing new. What is interesting is the increase of the number of "bots" and other malware roaming the web:

Symantec also recorded a rise in the detection of bots -- "programs that are covertly installed on a targeted system", according to the company, allowing the hacker to control the computer remotely -- from 2,000 detections per day to more than 30,000. The number peaked at 75,000 in one day.

Symantec said malicious code also increased by more than 4.5 times the number it was in the same period in 2003, equating to over 4,496 new Windows viruses and worms, with most aimed at the Win32 operating system.

Symantec says that phishing costs banks $1.2B. If this is true, you can bet who is paying for all of these operational losses.

No comments:

Post a Comment