Newsletter 
July 25, 2008
Search 
Home
News
Industry Verticals
BFSI
Education
Energy
Government
IT
Manufacturing
Pharma
Retail
Services
Telecom
Events
Tech Insight
Market Scan
Interview
Case Study
CXO Lifestyle
White Papers
Editorial
CXO Views
Tech Terms
   FOCUS AREAS
 • Business Apps  
 • Mobility

 • Open Source
 • Security
   TECH INSIGHT
Harnessing the Information Overload
Today information is being generated at a fast pace, making it difficult to manage data explosion. Seema Ambashtha, director (database sales consulting) of Oracle India discusses about this information overload and what IT managers should do to dra More...
    MARKET SCAN
India Flying High in Workforce Development
Despite low science and engineering student graduation rates, and widely varying education quality, India is rapidly becoming a global R&D hub. According to an Ewing Marion Kauffman Foundation study, India's private sector has overcome its education system's deficiencies by adapting and perfecting the best practices of Western companies More...
   TECH TERMS
  • Blue Tooth
  • BI
  • CDMA
  • CRM
                             More...
Home > Editors Speak
Email Print View Comments   

The Phishing Epidemic
By N. Raghavan
Bangalore, Oct 22, 2007

You can afford to dismiss Internet spam as a nuisance. But phishing and identify theft are, obviously, something else. Simply put, phishing is an ingenious method to gain access to your private - and valuable - personal information. Without your knowledge and permission, of course.

Phishing uses email and web site formats that look similar to those of legitimate businesses. The idea is to lure people to these seemingly genuine sites and persuade them to part with personal information as, for instance, credit card numbers. Typically, these web sites use fake sign-in pages for popular online services, particularly online auctions sites, online payment processors, or online banking. According to McAfee Avert Labs, the number of phishing web sites has been increasing exponentially, and there's no slowdown in sight.

Almost 70% of spam and nearly all phishing scams are delivered through bots or botnets. Bots are computer programs. Once installed (without the knowledge of the user) they give cybercrooks total control over PCs. A network of compromised computers represents processing power and bandwith that can be exploited by scammers to send emails in large volumes. Millions of computers on the Internet are part of bot networks, and the largest bot networks are believed to have over 1.5 million machines.


Recently, a more targeted form of phishing - spear phishing - has emerged. Unlike conventional phishing, spear phishers target just one organization at a time. A new tribe of phishers, called Vishers, has also arrived on the scene. Vishers use VoIP technology to target Internet users by hijacking identities and stealing money.

Phishing apart, keyloggers and social engineering are the other commonly used methods employed by cyber criminals to great effect. Keyloggers are software or hardware tools used to capture the user's keystrokes from the keyboard. Compared with software keyloggers, hardware keyloggers are more difficult to detect, as they don't install any code onto the machine and can't be detected by traditional anti-virus or anti-spyware tools.

Ironically, keyloggers are easily available in the market, as they have some genuine applications as well. But that also means fraudsters have no trouble accessing and using them to spy - and steal. In 2006, keylogging was reportedly the fastest-growing type of malware, and the trend is expected to carry on through 2007.

While keyloggers are mainly used to steal user account information from online gamers, they're finding a new application - industrial and political espionage. What's more, there's geographical angle, so to speak, to malware. According to researchers at Sophos, 30% of all malware spotted in 2006 originated in China. In fact, China ranks next only to the U.S, when it comes to hosting malware on the web.

Enterprises in India aren't immune from phishing attacks. In recent times, a major bank and a leading private sector airline have been targeted, among others. Not surprisingly, CIOs are concerned. According to a recent survey by security firm, Websense, 65% of Indian CIOs are very concerned about security threats emanating from the web. Of these, the most concerned about 'web security' (79%) were CIOs of large enterprises. The CIOs from Mumbai (72%) and Bangalore (71%) seemed more concerned about web threats as compared to IT decision makers from Chennai (51%) and Hyderabad (45%). The survey also revealed that 57% of the Indian enterprises have received phishing lures during the last 1 year and over a third of Indian companies (38%) were attacked by spyware.

In sum, despite efforts at control, phishing is getting more sophisticated - and the phishing phenomenon has accelerated and widened its net. Things have come to such a pass that you can even find phishing and hacking kits being marketed in underground Internet forums!

Related Links:
Banks Face Increased Security Threats
"10% of phishing attacks are targeted at India"
Phishing Mail Targets ICICI Customers

Home  | 
 
 
Comment :

Name :
Company :
City :
E-mail :
Word verification : Type the characters you see in the picture below.
 
Characters are not case-sensitive
   


Disclaimer
ITNation (India) Pvt. Limited and its sites: www.channeltimes.com, www.techtree.com and www.cxotoday.com provide Comments and discussion boards as a professional medium for the various businesses of the IT industry to discuss business problems. Gossip, personal attacks and unsubstantiated charges are prohibited. Messages posted on this Web site as discussion threads or Comments (Content) are solely the opinions of their creators and do not necessarily reflect the opinions of ITNation (India) Pvt. Limited or its sites www.channeltimes.com, www.techtree.com and www.cxotoday.com.
All individuals who post material to this web site are solely responsible for all Content that they upload, post or otherwise transmit via the Web Site.
ITNation cannot vouch for the authenticity of the user or company names or e-mail addresses associated with posted messages. Under no circumstances will ITNation India Pvt.Ltd. or Cxotoday.com be liable in any way for any Content, including, but not limited to, for any errors or omissions in any Content, or for any loss or damage of any kind incurred as a result of the use of any Content posted or otherwise transmitted via the Bulletin Boards.
ITNation reserves the exclusive right to edit or remove messages containing inappropriate language or other material that could be construed as libelous, potentially libelous, or otherwise offensive or inappropriate. Discussion forums, bulletin boards and chat facilities are provided by ITNation solely for the convenience of those who make use of the service. ITNation does not endorse the products and services or other offerings mentioned in messages.
TODAY'S HEADLINES
Delhi Wi-Fi
Lodha Group Outsources
Sanovi India Operations
BPOs Tap Domestic
Netmagic Opens New Data
    CXO VIEWS
Rules for Sustainable Application Integration
Most organizations are expanding their application suites to meet growth, which in turn accelerates the need for integration of information or processes to leverage the real benefit of enterprise application suites. Hemen Goswami, CTO of Infogain provides insights on the benefits of enterprise integration to meet the organizational needs More...
LATEST COMMENTS
well i need cc track 1 and 2, wu login, ..
The readiness and optimal performance are ..
I will give excellent training in BASE and ..
Is there any version of Tally for business mobiles
hello madam we would like to com and sty ..
MOST POPULAR STORIES
McAfee Conducts S.P.A.M (5)
HCL Connect India&Africa (2)
Blue Coat Eyes (2)
Ctrl S Bags Certificate (2)
A Virtual Wallet (2)
Feedback | Sales Offices | Advertising Options | About CXOToday | Site Map |
Copyright (C) 2008 ITNation India Pvt. Ltd. All Rights Reserved.