Money lures Net hackers, not glory

Updated: Mar 27 2006, 05:30am hrs
The Internet has gone beyond a communications and information medium and become a way for consumers to trade, buy things, and even do their banking. With vendors providing many of their services online, e-commerce is at an all time high. It encompasses a surprisingly wide range of activities, and each requires our attention and vigilance. It is critical to use the best security technology, and keep personal information confidential.

For example, 70% of consumers today prefer to buy software online, but there are still a wide range of attitudes about online commerce. For some, its as natural as walking down Main Street and into the corner store. For others, its unfamiliar and scary. Regardless of how familiar consumers are with online transactions, security is and should be a concern.

Fraud is perhaps the most pervasive danger in online transactions. Con artists engage in what is known as phishing expeditions and try to take advantage of the trust built with online institutions. In their attempts to fool consumers into divulging credit card numbers, passwords, and social security numbers, they impersonate banks, Internet service providers (ISPs), and payment verification companies. They have even sunk so low as to masquerade as charity organisations. In fact, within days of the Hurricane Katrina disaster, there were reports of numerous fraudulent Web sites taking advantage of those trying to send financial aid to the victims.

Though awareness of PC security is mounting, consumers do not have much knowledge of security technology. The IT industry estimates that more than 40% of personal computers world-wide are not adequately protected.

One hour of unprotected surfing can pick up hundreds of uninvited software visitors, some of them malicious. This translates to the fact that there exists no code green or safety zone in the online world. Existing threats, mostly viruses and worms come under the code orange or contained threat category. But an alarming concern is the speed at which new threats are being generated. They generally fall into the code red category as they aim to steal money, and in many cases have not been seen before so traditional security software cannot protect against them.. Research shows ten new threats being identified every day.

Developing malicious code has become a full-time job for hackers to hijack thousands of computers with an aim to control them. A new trend states that developers of these threats may be employed for that purpose and several development teams in various locales may be collaborating on such projects. In addition to this, fraudsters use the internet to find victims as well as communicate with other fraudsters. Research indicates various forums serve as a source for a comprehensive range of information serving those looking to commit cyber crimes. Dedicated online forums are used for trading or selling different commodities from credit card information to counterfeit currency.

Online threats are moving from hacking for glory to criminals who want to steal money. 80% of the top threats are to do with stealing personal information in the interest of financial gain. Surveillance, analysis and distribution of responses can be distributed within hours, but new defenses are required.

Increasing internet security threats have resulted in the erosion of consumer trust in online processes. In a study conducted by Gartner and Cyber Security Industry Alliance, 53% of internet users have stopped giving out personal information to websites due to fear of online fraud and identity theft which has been the top consumer complaint to the Federal Trade Commission for the last six years. These statistics reveal several areas of concern that have had a direct impact on e-commerce industry. 30% of consumers have reduced overall usage of the Internet and 42% are reluctant to shop online. Additionally, 14% have stopped paying bills online with 4% putting an end to their online banking transactions.

The lesson here is not to stop transacting online, but to take the right measures to battle against crimeware or malicious software threats. Irrespective of the credibility of the portal, it is critical to be cautious and run security software to prevent harm. With cyber crime increasing at alarming speeds, we must all take measures to protect our confidential data.

Security threats are now on the radar of most Internet consumers, and they have increased demands of security companies. They do not want just a product; they want an all encompassing service. With new attacks cropping up everyday security companies need to be on high alert to spot the latest threats and create responses. Its critical to spot threats and eliminate them within hours of their appearance.

The writer is MD, Symantec India