Long gone are the days when spam attacks were simply hackers getting thrills and giggles. Now a much more lucrative business, cybercriminals are changing with the times and updating their skills. This creative bunch is constantly adapting and now launching campaigns in multiple languages. Another tactic involves exploiting the phenomenal popularity of local applications and social networking sites.
Patrik Bihammar, senior analyst, Security Solutions and System Management Software, IDC Australia said attackers are becoming increasingly sophisticated to improve the success rate of their phishing “attacks”. Improving the success rate of attacks increases the likelihood of the “victims” to click on the link.
Cybercriminals are tailoring attacks to suit different cultures and languages. For example, they are using techniques such as spear phishing with localised language/messages based on the origin of the IP address. For example if the IP address is from Italy the message is in Italian, if the IP address is registered in Germany the message is in German.
“A majority of spam is still in English but we are increasingly seeing localised spam and phishing attacks. We are also seeing a trend towards more targeted attacks against specific companies,” said Bihammer.
Cybercriminals are using real-life news events such as the World Cup and public holidays to attract victims.
“We are also seeing more attacks targeting online gaming in countries where gaming is popular such as South Korea and China. Expect to see attackers using the Olympics in their messaging this year,” warned Bihammer.
McAfee has just released a report confirming that cybercriminals are expanding their horizons. In its third report titled ‘One Internet, Many Worlds’, McAfee looks at global malware trends and examines the unique threats in different countries and regions.
“This isn’t malware for the masses anymore,” said Jeff Green, senior vice president, McAfee Avert Labs. “Cybercrooks have become extremely deft at learning the nuances of the local regions and creating malware specific to each country. They’re not skilled just at computer programming – they’re skilled at psychology and linguistics, too.”
Based on data compiled by McAfee’s international security experts, the report examines the globalisation of threats and the unique threats in different countries and regions. Key findings include information about cybercrime rings taking advantage of lax law enforcement by recruiting malware writers in countries with high levels of education as well as unemployment.
“Malware has become more regional in nature during the past couple of years,” said Green. “This trend is further evidence that today’s cyberattacks are targeted and driven by a financial motive, instead of the glory and notoriety of yesteryear’s cybergraffiti and fast-spreading worms. We’re in a constant chess match with malware authors, and we’re prepared to counter them in any language.”
By Temp User on Mar 27, 2008 11:34AM
This article appeared in the 17 March, 2008 issue of CRN magazine.