According to security vendor Symantec, using commonsense when dealing online is one of the foremost methods of keeping malware and other computer nasties away from your system.
Click to enlarge
The comments follow the release of the company’s Internet Security Threat Report (ISTR), Volume XIII, which shows an alarming 468 per cent increase in online threats from 2006 to the end of 2007.
According to the report, “…the Web is now the primary conduit of attack activity, as opposed to network attacks, and that online users can increasingly be infected simply by visiting everyday Web sites.”
The report also shows some disturbing facts including:
· Theft or loss of a computer or other device made up 57 per cent of all data breaches during the last half of 2007 and accounted for 46 per cent of all reported breaches in the previous reporting period.
· Government was the top industry sector for identities exposed, accounting for 60 percent of the total, an increase from 12 percent in the previous reporting period.
· And a full identity can be purchased in the underground economy for as little as $1.
According to Martin, social networking has now become a major source of online information for cyber-criminals.
“Personal information is the most important. Criminals are leveraging social networking sites and then selling the information to those in the underground economy, who then find other ways to get even more information on an individual. This has the effect that at the end of the line, someone ends up with enough data to be able to access bank accounts or credit card information.”
This is also borne out by Stephen Trilling, vice president, Symantec Security Technology and Response, who says, “Avoiding the dark alleys of the Internet was sufficient advice in years past,” “Today’s criminal is focused on compromising legitimate Web sites to launch attacks on end-users, which underscores the importance of maintaining a strong security posture no matter where you go and what you do on the Internet.”
And the Symantec report underlines this by concluding that “in the last six months of 2007, 68 per cent of the most prevalent malicious threats reported to Symantec attempt to compromise confidential information”.
And according to Martin, the banking and financial sectors still account for some 80 per cent of all malware and phishing attacks worldwide.
However, in a positive note, Martin says that apart from using new technology, merchants are becoming much wiser in identifying suspect purchases, albeit by using traditional methods like ringing up the customer and confirming the order and cross checking the information.
“Merchants are getting better and better at picking up fraud on their sites”, he says.