By Jon Oltsik
December 11, 2008
A new report from the Anti-Phishing Working Group is yet another
reminder of the information security threats we all face. This latest
publication states that the number of compromised URLs used to
distribute malicious code nearly tripled in the 12-month period from
July 2007 through July 2008.
This data, along with similar research from McAfee, RSA Security,
Symantec, and Trend Micro, demonstrate that the bad guys are taking
advantage of the global recession with an increase in attack volume and
sophistication. Certainly, security professionals recognize this
unsettling trend, and according to ESG Research data, security remains a
top IT priority for 2009. Based upon recent activities, it appears the
federal government also sees the need for countermeasures.
While insiders seem to see the storm approaching, however, I'm worried
about the Internet everyman--"Joe the Online User," if you will.
Information security tends to be an esoteric topic sure to bore the
pants off friends and neighbors at upcoming holiday parties, but there's
more in play than ignorance alone.
I am starting to see a whole bunch of no-name security grifters pitching
second-tier products and services with Chicken Little, "the sky is
falling" scare tactics. You tend to find these guys are on drive-time
radio and entertainment Web sites. I'm not alone in this observation.
This week the U.S. District Court in Maryland ordered two fly-by-night
companies to stop promoting "scareware" through online advertisements.
These pop-up ads would warn Web surfers that their systems had been
compromised by viruses, spyware, and even "illegal pornographic
content." They were even so brazen as to suggest that users could be
investigated or outed as some type of degenerate porn addict. Of course,
they were happy to sell you software and services to alleviate the
Unfortunately, there will always be a population of low-down dirtbags
willing to take advantage of people's fears and hardships. After
September 11 they pitched gas masks; they sold bottled water for $10 a
piece following Hurricane Katrina. Given the cybersecurity activity out
there, we are bound to see more and more of these security scams. The
difference here is that security con artists are preying on fears that
users really don't understand. Consumers may get scammed or become
cynical--neither of which is good.
Help InfoSecNews.org with a donation!