Press Room

Phishing for Trouble: CyberCriminals Profit Big by Thinking Small

Media Contact:
Renea Blanck
Micro 2000, Inc.
800-864-8008
reneab@micro2000.com

GLENDALE, Ca. (July 2005) – According to security experts, Internet hackers are shifting gears and scoring big by thinking small. Instead of blasting out global virus attacks over the Internet, cyber-criminals, motivated by profit, are becoming increasingly more organized and have begun targeting their attacks on one or two companies at a time. Identity thieves who once relied on sifting through dumpsters and trash cans to find confidential, personal data have realized that it’s more worthwhile to obtain such information from companies that collect it - and the profits can be substantial.

The Situation

The focused, targeted attack is generally small enough that Internet security firms looking for broader attacks often miss them, giving the cyber-criminal enough time to research their target before infiltrating it. Trojan viruses, which lie behind fake web links or email attachments, appear as harmless files, but actually contain malicious code. Some even pose as IT administrators requesting to install software updates. Once in, they use simple spyware programs to extract passwords, financial and personal data, and other valuable information.

Some Trojans actually reroute corporate traffic to a bogus destination where criminals can then intercept, monitor and retrieve all the sensitive information they want. They might even disable the connection long before the targets IT department discovers anything has happened.

The Result

Thanks to the California law that went into affect in 2003, several major breaches of private consumer data have been disclosed. In one instance, forty million credit card accounts were exposed to a breach where at least 200,000 records were stolen from CardSystems Solutions, Inc., an Atlanta-based payment processing company. Other disclosures include CitiFinancial with 3.9 million affected accounts, DSW/Retail Ventures with 1.3 million, and Bank of America, Wachovia, PNC Bank and Commerce Bank with up to 675,000 exposures.

Countless websites blatantly promote criminal activity, such as the International Association for the Advancement of Criminal Activity (www.iaaca.com) where attackers freely buy, sell, and trade stolen information, malicious computer code, and access to hijacked networks with less than 5% ever being arrested.

Securing Your Desktop

Gartner reports that viruses and worms are the top IT security threats. Yet the latest Maritz® poll, which surveyed IT managers in small and medium businesses, reveals that despite these serious security issues, some businesses are still not defending themselves against potential threats:

• 29% don’t use anti-spam software.
• 34% don’t use spyware software.
• 4% don’t use anti-virus software.
• 47% don’t use adware software.

Information is the world’s new currency making it even more important for companies to take control of their networks and identify vulnerabilities. Remote access and client systems management software, like RemoteScope™, TrackIT!® and ZenWorks® allow network administrators the ability to:

• Instantly identify all installed software for every PC in the network and remotely deploy the necessary applications to those systems missing programs like anti-virus, spyware and adware.
• Remotely run tasks like virus scans, spyware and adware scans, and set automated schedules to run regular scans.
• Remotely deploy patches and updates, and
• Remotely monitor or control any client system in the network.

IT professionals cannot afford to rely on end users to ensure their systems are protected, however, most find it a daunting task that usually requires many hours each week just to keep up. Forrester Research reports that centralized client systems management drives standardization, improves end user service levels, increases the accuracy of asset tracking, and reduces overall support costs by an average of 15% to 20%.

For as long as we’ve been plagued by spam, spyware and adware, few effective tactics have been put in place to stop it. Micro 2000’s client systems management tools deliver high level productivity, security, and IT control enabling your business to operate beyond the walls of traditional security and help reduce your risk.

Renea Blanck
800.864.8008

RemoteScope™ and Micro 2000 are trademarks owned by Micro 2000, Incorporated. All other trademarks are property of their respective owners.

SOURCES: FBI, MessageLabs, Maritz Research, Forrester Research, McAffee, and Gartner.

Statistical Information

• $400 Billion is the estimated cost of cybercrime in 2004
• 75 – 150 Million is the estimated number of phishing emails sent each day
• 2,000 new pieces of malicious software worldwide was released each month in 2004
• $1,200 is the average cost of phishing scams per victim in the U.S.
• 20 minutes is the estimated time within which an unprotected computer online, running Windows XP, will be probed by malicious software

Identity Theft Fact Sheets

• Coping with Identity Theft: Reducing Your Risk of Fraud
• Identity Theft: What to Do When it Happens to You -- A Guide for Victims
• In Spanish - Robo de identidad: Qué hacer si le sucede a usted
• Criminal Identity Theft
• FACTA, the Fair and Accurate Credit Transactions Act: Consumers Win Some, Lose Some (Includes FACTA updates to the FCRA that apply to identity theft)
• Debt Collection Practices: When Hardball Tactics Go Too Far
• Identity Theft Resource Center. The Privacy Rights Clearinghouse works closely with the Identity Theft Resource Center (ITRC). Its web site, www.idtheftcenter.org, offers numerous resources for victims of identity theft as well as those who are working to prevent the crime. To access their victim guides and fact sheets go to www.idtheftcenter.org/vguides.shtml.

A Chronology of Data Breaches Reported Since the ChoicePoint Incident

• Data Breach Chronology

Back to Top