Wednesday, March 18, 2009

What Do March Madness, the Economic Crisis & Corporate Branding Have in Common? All are Opportunities for Cybercrime, & for Raising Security Awareness



Cybercriminals are poisoning top Google search results related to March Madness to lure users into visiting fake anti-virus sites ... SC Magazine, 3-17-09

The economy remains the main topic spammers focus on to lure users into opening emails with malicious links ... SC Magazine, 3-17-09

According to the latest MarkMonitor Brandjacking Index, cybersquatting grew by 18 percent in 2008, proving that it continues to be a lucrative mode of exploitation ... CSO Magazine, 3-17-09

What Do March Madness, the Economic Crisis & Corporate Branding Have in Common? are Opportunities for Cybercrime, & for Raising Security Awareness

Three recent, somewhat obscure news stories highlight the richness and diversity of nefarious activities undertaken in the shadows of cyberspace.

These stories also illustrate some ways in which the perpetrators exploit human emotions (e.g., fear and enthusiasm) and net resources (e.g., search engine optimization and social networking applications) to carry out their insidious schemes.

But perhaps of most importance, these three stories serve as a reminder that every 24 hours in cyberspace, there is something else to use as grist for the mills of user awareness and education. Cybercrime is 24x7 and global, user awareness and education should also be 24x7 and global.

Here are brief excerpts from all three, with links to the full texts and to relevant reports.

-- Richard Power

Cybercriminals are poisoning top Google search results related to March Madness to lure users into visiting fake anti-virus sites, Stephan Chenette, manager of security research at security firm Websense told SCMagazineUS.com Tuesday. Attackers are using deceptive search engine optimization (SEO) to get their malicious sites to the top of results on Google and other search engines, Angela Moscaritolo, SC Magazine, 3-17-09

The economy remains the main topic spammers focus on to lure users into opening emails with malicious links, according to Symantec's March 2009 "State of Spam" report. ... One of the more egregious spam messages Symantec found looked like a rejection letter. ... A URL in the message pointed back to a legitimate site, but the message said: “We have attached a copy of your application you sent for us.” If a user clicked on the attachment, an attack was launched involving the Hacktool.Spammer virus – a program that hackers use to attack inboxes by flooding them with email. Chuck Miller, SC Magazine, 3-17-09

According to the latest MarkMonitor Brandjacking Index, cybersquatting grew by 18 percent in 2008, proving that it continues to be a lucrative mode of exploitation, according to MarkMonitor officials. ... MarkMonitor's research found a total of 440,584 instances of cybersquatting were identified in Q4, followed by 86,837 instances of false association and 33, 614 instances of pay-per-click abuse.
"... brandjackers are increasingly leveraging trademarks as they make use of best practices in search engine optimization to divert traffic to illegitimate or unauthorized sites," said MarkMonitor officials in a statement on the findings. ... Communication platforms and social networking sites like Twitter and Habbo are increasingly becoming vehicles for abuse ...
Joan Goodchild, CSO Magazine, 3-17-09

To read Symantec's monthly State of Spam report, click here. (Symantec is one of CyLab's corporate partners.)

To read MarkMonitor's Brandjacking Index, click here.