BANGALORE, INDIA: Symantec reported in July that E-card spam had become particularly virulent and the trend continued in subsequent months. These evolved to include different hooks intended to lure users into following malicious URLs containing malware. Infected machines become part of the Storm Worm botnet, causing these spam messages and the malware to propagate.
MPack is a current example of a sophisticated attacker toolkit that appears to be professionally written and developed. It is available for sale online. Used to install malicious code on thousands of computers, MPack even includes a management console where they can control and monitor the state of their "business".
Another indication of the commercialization of malicious activity is the emergence of phishing toolkits, a series of scripts that allow an attacker to automatically set up phishing Web sites that spoof the legitimate sites of different brands, including those sites' legitimate images and logos.
In September, Symantec observed 18,424 unique phishing URLs. Banks continue to be the most phished sector with 52% of these URLs spoofing financial institutions.
Phishing presented only a marginal risk during the 2004 Presidential Election. At the time, phishing itself was still in its infancy. When we revisit the potential risk of phishing to the 2008 federal election, we find ourselves in a much different position.
Since typical Internet users would not be well acquainted with the domains associated with political candidates, there is a risk that phishers would use a similarly designed website to collect credentials from unsuspecting victims.
Phishers can easily mimic legitimate fundraising emails in order to make people submit their credentials or download crimeware.
NEXT>>
Imagine getting the undivided attention of 60,000 Enterprise community, 1,00,000 Developers, 30,000 Resellers, 16,000 SMBs and more than 1.5 lakh enthusiasts for your products and services.Irresistible!! Right?
