Whether we like it or not, we are all living in Information Age. We have nothing left but adapt to rapidly developing information technology, no matter who we are and what we do for living.
The Internet, in particular, means for us boundless opportunities in life and business - but also lots of dangers unheard of just a decade ago. We should be aware of these dangers if we want to use huge potential of Internet and to avoid hazards it brings us.
Warning: There are Websites You'd Better Not Visit
Thanks to authors of numerous articles on this topic, "classic" phishing technique is relatively well known. This scam involves setting bogus websites and luring people to visit them, as a rule, by links in emails. Phishing website is disguised to look like a legitimate one -- of a bank or a credit card company, and users are invited to provide their identifying information. Sites of this kind are used solely to steal users' passwords, PIN numbers, SSNs and other confidential information.
At first phishing consisted only of a social engineering scam in which phishers spammed consumer e-mail accounts with letters ostensibly from banks. The more people got aware of scam, less spelling mistakes these messages contained, and more these fraudulent websites resembled legitimate ones. Phishers are getting smarter. They eagerly learn; there is enough money involved here to turn criminals into earnest students.
Keyloggers and Trojans
Since about November 2004 there has been a lot of publications of a scheme which at first was seen as a new kind of phishing. This technique includes contaminating a PC with a Trojan horse program. The problem is that this Trojan contains a keylogger which lurks at background until user of infected PC visits one of specified websites. Then keylogger comes to life to do what it was created for -- to steal information.
It seems that this technique is actually a separate scam aimed at stealing personal information and such attacks are on rise. Security vendor Symantec warns about commercialisation of malware -- cybercriminals prefer cash to fun, so various kinds of information-stealing software are used more actively.
Fraudulent websites are on rise
Websense Security Labs -- a well-known authority in information security -- noticed a dramatic rise in number of fraudulent websites as far back as in second half of 2004. These sites pose as ones for e-commerce; they encourage users to apply for a reward or purchase something, of course never delivering product or paying money. The most popular areas for such fraud are online pharmacies, lottery scams, and loan / mortgage sites. Experts predict there will be more fake merchants in future and their scams will become more sophisticated.
A Hybrid Scam
In April Panda Software warned Internet users of a new particularly brazen scam aimed at stealing confidential information. The technique used here looks like a hybrid between phishing and a fraudulent website. Panda Software identified several websites offering cheap airline tickets which in fact weren't selling anything; aim was to cheat users out of credit card details.
This scam is very simple; thieves simply wait until some unsuspecting user who is searching for, say, airline ticket offers, finds their site offering dirt-cheap airline tickets. Really pleased with himself and looking forward to trip, user fills in form, entering his credit card number, expiry date and verification value (CVV).