Cyber warrior

This month Trend Micro reported on a mass web attack that has already been dubbed the 'Italian Job II'.

  • E-Mail
By  Sean Cronin Published  May 7, 2008

"It was like he almost had a conscience in that the guy wasn't taking the money that was sent in, but using the credit card information for personal gain."

While Chang says that corporations are not taking the threat posted by computer virus attacks as seriously as they should, he says there is evidence of some companies spending heavily to shore up their cyber-defences in recent months.

That has been demonstrated by the investment some companies are now willing to make to protect their systems from an attack...

"In the last 20 years I've never seen a single deal worth more than one million dollars," he says, "until this week when a single company paid us US$6m."

He doesn't disclose the identity of the client but says it may be a reflection of the increased threat corporations now face.

That may not be good news for companies with less than robustly protected networks as computer attacks become ever more virulent and the potential for catastrophic loss of information increases.

But for Chang and the rest of the global internet security industry, at least it's got be good for business.

From phishing to pharming

Information theft from computer networks and home computers is on the rise and is often done through so-called 'phishing' and 'pharming'.

Phishing describes any attempt via phone, email, instant messaging (IM), or fax to procure personally identifiable information with the intent of perpetrating theft or fraud.

According to Trend Micro, most of the attempts are made in the guise of a legitimate purpose - in other words, they appear to be valid, but instead are the actions of a criminal enterprise.

A typical electronic phishing attack will comprise of an authentic-looking email and a fraudulent web page. It appeals to the victim's sense of legitimacy and the HTML-based emails often include company logos, colours, graphics and font styles which give the impression of authenticity.

Web links included in these emails almost always possess the look and feel of the legitimate sites they copy, making the fraud almost impossible to detect.

"An example was when Saddam Hussein was executed. A link was sent to download video that someone allegedly shot on a phone," says Trend Micro regional MD Justin Doo.

"But when you went to the download site it would say you needed an extra bit of codec to read the film format. People kept trying to download it without success, not realising that what they were actually doing was downloading a trojan. They were getting the user to request the malware and installing it on their own PCs."

Pharming is similar to phishing. Instead of directly soliciting personal or corporate information, pharming hijacks legitimate URLs such as "www.mypayroll.com" and redirects them, via the domain name server, to fraudulent IP addresses which spoof the originals.

These spoofed URLs then collect, via a graphical user interface, protected information without a user ever noticing the difference. Because pharming requires a much higher degree of technical acuity to perform, it is far less common than phishing.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code