As we know unlike yesteryears antivirus packages, it is now a day’s common to come across security suite bundles consist of an antivirus, a firewall and a spyware in one package.  Let us dig into the common security issues in the web.

Phishing

Phishing is the process by which, a user is forced to take part with sensitive financial and other personal details by posting as an authorized agent. Phishing usually takes the form of email, which will ask you to update your bank or company details to the given link. The webpage will look exactly like the original one. Some of the naïve users might enter the requested details like user name and password. These details are routed to the scammer who can then use those data whichever way he likes.

Rootkits

This type of application can hide other application from showing up in any of the system monitors. Rootkits are actually mad e famous by Sony; they used this application to hide their anti-piracy application from showing up. Rootkits will enable continues privileged access to a computer, while actively hiding it from the administrator. By inserting a rootkit, a malware can easily avoid detection by antivirus applications.

Browser Hijackers

Browser that has been hijacked will always open a certain webpage by default on start. A hijacked browser might also deny access to some site. In such scenario we can’t even delete the responsible file, as some part of the malware is loaded into memory when system boots.

Spyware

Spywares are usually used by a spammer, to gain entry into a system and monitor the user without his knowledge. As the name suggest the spyware act as a spy of the remote server. It will report confidential details like username and password to the remote server.

Keylogging

Keylogging is the process of recording the key stoke made by the user with the help of software. It is mainly used to find details such a password, username, bank account details etc.

Viruses

Viruses are the most common security threat in the web. Viruses always tag along with a file. Running that particular file will result in the virus in it to infect the system.

Trojans

Trojans are another threat which will be known even to a nave user. Trojan usually enters into a system by pretending as something else. The user will run the file by thinking it as something else. After being installed the Trojans can easily manipulate system data.

Worms

Worms are application that spread along a network all by itself.  They usually overload a network by moving from one node to another in huge numbers. This will result in the temporary down fall or crash of the network.

Data Sniffers

Data sniffers are usually used to know the content of a message. Messages are sent over internet as data packets. A data sniffer can be easily planted in a server through which the data passes, hence gaining access to the content of the message

These are the common threat issues that someone will come across in the web. Hope this article helps you to get a good overlook of the web based security issues.

© Miljo for Security World News, 2010. | Permalink | No comment | Add to del.icio.us
Post tags: Browser Hijackers, Data Sniffers, Keylogging, Phishing, Rootkits, Spyware, Trojans, Viruses

According to the Anti-Phishing Working Group (APWG), the number of Phishing incidents is increasing at a rate of 56 percent every month.

Phishing can be done on an unsuspecting victim who receives an email that comes from a respectable business, such as a bank or other types of financial institutions and the email links the victim to a web site where he or she is asked to provide account information. What is scary the site in which you have been directed to looks legitimate and about 10 percent of people who receive these types of emails fall prey to these crooks.

Thousands of computers are compromised each day without the user ever knowing they have unwillingly given up their private and personal information.

Phishing is automated identity theft. Gartner Group estimated in that 1.78 million Americans had already given their information to phishers with a cost to U.S. consumers and industry is 2.4 billion dollars.

It is a good bet that everyone who has an email account has received some level of Phishing. Anytime you have received an email from what appears to be a legitimate business that has a well known presence on the internet has been used to steal your personal information. The type of information being requested is passwords, usernames, account numbers, credit cards, social security numbers and any other data that will allow the criminals to take your identity and money.

Identity theft is the fasting growing crime in the United States. Can you imagine having criminals take out a second mortgage on your home or better yet purchase a home using your credit information, fraudulent charges on your credit card.

If you receive an email as described above and provided the information most likely you are a victim of Identity theft.

Some of the businesses being impersonated are banks, auctions sites, Internet retails, charities, financial institutes and any other internet transaction base site. Keep in mind that most of the impersonating is of the Larger companies that are well known, but it is just a matter of time that all of us will need to be on high alert.

Even if you don’t answer the email you can become a victim with the use of spy ware or Trojans. In this case you don’t have to supply any information. The victim’s computer is compromised and sends the information to the phishers on its own. This is known a keystroke logger that watches for usernames, passwords and other financial or personal information.

Who is doing the Phishing?

Serious crackers are sophisticated and don’t care who they work for, they can develop their own spy ware, run scripts through email or websites, compromise networks that are behind a firewall and generally cause disaster.

Organized Crime and criminal syndicates are responsible for the most elaborate and thorough phishing scams. This group hires the serious crackers to develop websites to recruit mules for money laundering; they can create fake credit and Cash cards with your personal information and use them anywhere they want. It is said that this is the most dangerous group and create most of the identity theft.

Terrorists are currently profiting from your identity, in 2002 the FBI stated the following in congressional testimony:

The impact of Identity theft is greater that just the loss of money or property. Terrorists and terrorist groups require funding to perpetrate their terrorist agendas. The methods use to finance terrorism range from the highly sophisticated to most basic. There is virtually no financing method that has not at some level been exploited by the groups. Identity theft is a key catalyst for fueling many of these methods.

Just be careful and don’t respond to emails. Call the financial institutes that you do business with to verify the email and also notify them of incident.

© Ralph for Security World News, 2010. | Permalink | No comment | Add to del.icio.us
Post tags: Identity Theft, personal information, Phishing