Microsoft has released its Security Intelligence Report volume 10, which highlights a polarisation in terms of cybercriminal behavior, and a significant increase in the use of “marketing-like” approaches and deception tactics to steal money from consumers. The Security Intelligence Report focuses on the period of July to December 2010 and includes analysis of data from more than 600 million systems worldwide.
The Report outlines the emergence of two distinct types of cybercriminal. The first is a highly sophisticated, well-informed individual who pursues high-value opportunities with large payoffs. The second is an individual skilled at exploiting social relationships to con a small amount of money from a large number of people.
At present the most prevalent methods include the use of rogue security software, phishing that uses social networking as the lure, and adware (software that automatically plays, displays or downloads advertisements). The majority (six out of ten) of these methods use malware – corrupt software disguised as a marketing campaign or product promotion that appears legitimate. Criminals use this malware to make money by tricking users with pay-per-click schemes, false advertisements or fake security software for sale.
“Microsoft and the rest of the software industry have significantly improved customer protection and guidance over the last few years,” says Mark Rees, National Technology Officer for Microsoft New Zealand.
“These efforts are making a difference, but there is more work to do. We continue to see cybercriminals evolve their attack methods, such as the significant rise in social network phishing.”
According to the Report, phishing using social networking as a lure increased from 8.3 percent of all phishing in January to 84.5 percent in December 2010. This huge increase is a direct result of the rise of social networking sites. These techniques add to an already extensive list of social engineering techniques, such as financial and product promotions, used to extort money or trick users into downloading malicious content. The report also found that worldwide detections of adware increased 70 percent within a six-month period in 2010.
“With more consumers and devices coming online every day, cybercriminals now have more opportunities than before to deceive users through attack methods like adware, phishing and rogue security software. It’s becoming increasingly difficult for consumers to decipher legitimate communications and promotions given the sophistication of tools criminals are using, so it’s more important than ever to provide information and guidance about these online threats,” says Mark.
Additionally, rogue security software, or scareware, has quickly become one of the most common ways for cybercriminals across the globe to acquire money and private information from unsuspecting computer users. This software, such as Win32/FakeSpypro, appears similar to legitimate security software and gives a false sense of protection; if trusted and clicked by the user, it downloads itself and compromises systems. In 2010, Microsoft protected nearly 19 million systems from rogue security software. The top five types of rogue security software were responsible for 70 percent, or approximately 13 million, of those detections.
“While criminals work to evolve their attack methods, Microsoft and the industry will continue to collaborate with partners and customers to improve security and privacy and increase awareness. A combined effort helps to protect the broader online community from these threats and develop more secure software solutions to prevent criminals from reaping the benefits,” says Graham Titterington, Principal Analyst for Ovum.
Data for Microsoft’s Security Intelligence Report is captured by Microsoft products and tools, including Forefront security products, Windows Defender, Microsoft Security Essentials, Windows Internet Explorer, Bing and the Malicious Software Removal Tool (MSRT).