A white paper from McAfee Avert Labs on global identity theft trends uncovered a dramatic increase in online and computer-based identity theft through the use of keyloggers.
According to the report, the number of keyloggers—malicious software code that tracks typing activity to capture passwords and other private information—increased by 250 percent between January 2004 and May 2006.
The findings come on the heels of similar reports decrying the increase of spam and instant messaging attacks in 2006, including a study by San Diego-based Akonix Systems that uncovered nearly 20 percent more new IM-borne attacks last year than it did in 2005.
Akonix officials predict that many IM attacks this year would be from organized groups of criminals looking to commit identity fraud.
Additional findings from the McAfee report show the number of phishing alerts tracked by the Anti-Phishing Working Group multiplied 100-fold from January 2004 to May 2006.
“Identity theft is a global phenomenon that threatens all of us, which means we all need to become more aware, more vigilant and less trusting to protect ourselves,” said Jeff Green, senior vice president of McAfee Avert Labs in a statement.
“By learning where we are vulnerable, and how and why criminals engage in identity theft, we can then take the necessary precautions to avoid being victimized.”
Identity theft exacts a high toll on the global economy. According to the Federal Trade Commission, the annual cost for consumers and businesses in the United States alone reaches $50 billion, McAfee officials said.
The white paper reviews identity theft techniques, from non-technical approaches like dumpster diving to sophisticated keyloggers that monitor computer keyboard keystrokes to steal online usernames and passwords.
The report presents high-profile examples of identity theft cases from around the world along with an overview of the types of criminals and organizations that engage in identity theft for profit or to facilitate terrorist acts.
The white paper also includes tips for businesses to protect employees from being victimized such as be vigilant for phishing scams, manually type a Web address into a browser instead of clicking on a link in an e-mail, and use strong passwords.
Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Ryan Naraines eWEEK Security Watch blog.