Phishers use current events to make their “bait” more convincing.  It’s no longer enough to look for obvious typos to determine if something is real or not.  A recently observed phishing scheme used the Southern California fires to tug on heartstrings and open wallets.  The message, purporting to come from the IRS, included statistics and heart-rending call to action.

 Exploitation of Trusted Brands – By exploiting a trusted Web environment, attackers now prefer to lie in wait for victims to come to them. 

Attackers no longer actively seek out their intended victims; instead, they wait for their targets to come to them. Attackers do this by compromising trusted sites and/or applications so that when a user visits that site or uses that application, the attacker is able to compromise the victim’s computer.

Social networking sites have proven fruitful for hackers because they give attackers access to large numbers of people, many of whom implicitly trust that the site and its content are secure; these sites can easily be compromised due to the prevalence of Web application vulnerabilities on the sites.

This has serious implications for end users because they may no longer be able to place their trust in well-known sites.  The previously popular advice to avoid “bad neighborhoods” on the Internet is no longer enough.

Early in 2007, attackers successfully hacked the Web site for the Miami Dolphins Stadium, host of the Super Bowl.  Malicious code on the site attempted to infect visitors.

In October, attackers targeted the online ticket vendor for the Colorado Rockies in advance of the World Series, knocking the system offline.

This accounts for the wide variety of estimates seen on the size of this particular botnet.

Symantec believe that using a snapshot approach to measure the botnet’s size yields the most reliable results.  Our research suggests that the network is smaller than some think, leading us to believe that, at least currently, the Peacomm network size is closer to the more conservative estimates that are being published.