Phishing Attacks to Get
More Complex"> "The attackers are going so far as trying to find out who the customers of a specific bank or credit union may be and targeting them directly. Theyre spending more time doing the upfront work to try and yield greater success from their work." Symantec reported phishing attacks have continued to grow in volume as well as complexity. The company said that over the first six months of 2006 its researchers unearthed a whopping 157,477 unique phishing messages, representing an 81 increase compared to the 86,906 phishing schemes it saw during the second half of 2005.Apple ships patch for MacBook Wi-Fi hack. Click here to read more. Another increasingly popular trend highlighted in the report is the use of applications designed to appear as legitimate software that actually harbor malware attacks such as spyware and adware. Symantec said that three of the top 10 new security risks it observed during the first half of 2006 were misleading applications. A popular format for the attacks is to promise users free desktop security software that actually attempts to steal their personal information or load malware including rootkits onto desktops once installed. Looking forward, the anti-virus specialist predicted that polymorphic viruses, or malware strains that change their own signatures each time they infect a new machine to avoid detection from security programs, will continue to grow in popularity. The company predicted that code writers at every level of the malware industry, from seasoned criminals to amateurs who buy their threat code from other parties, will adopt the technique to help their work have a more widespread affect and remain hidden on computers for longer periods of time. Symantec contends that the use of AJAX and other Web 2.0 technologies will also increase in frequency, specifically leading to an increased number of cross-site scripting and content injection attacks. That development has the potential to expose even greater numbers of users to attacks that can be detected by most traditional security tools, researchers said. Symantec, which is increasingly competing with software giant Microsoft, is also predicting that vulnerability-finding efforts aimed at its rivals next-generation Vista operating system will ramp up over the latter half of 2006. Symantec is one of two companies, along with Adobe Systems, that is expected to present arguments to officials with the European Union about Microsofts push with Vista into new market sectors, specifically the anti-virus arena. Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.
Financial services companies continue to draw the most attacks, accounting for 84 percent of the phishing sites discovered by the Symantecs Phish Report Network and Brightmail AntiSpam organization.