The Phishing Problem

What is phishing?

Phishing is an attempt to fraudulently obtain sensitive data such as login details, credit card details and so on by acting as a trusted entity. Typically, the phisher entices the victim via email, to enter their details at a malicious web site. The malicious web site masquerades as a legitimate, known web site.

How does phishing work?

Cyber criminals try to entice online shoppers into clicking on viral websites and or video links in order to obtain sensitive personal information that can be used for fraudulent purposes.

What to look out for

Cyber criminals use different techniques such as emails, false forms, messages and warnings. Legitimate companies never ask for personal information via email. Scammers might request you to fill information on a false form or to click on a link that redirects you to a false web site.

The most effective phishing techniques are the ones that you least expect to encounter.

Why Protect Your Data

Because of the astronomical rise of Cybercrime (worth $40b annually) – and because conventional desktop security can no longer effectively protect PC’s. This means that complacency in the business arena is no longer a viable option. These online cyber criminals are constantly developing new ways to make money. Business as usual is constantly under threat as there are big incentives for these criminals to continuously find ways to avoid security protection.

Cyber criminals use infected computers to generate income in many ways. One of the most simple ways is through advertising. This is done in the same way that legal sites generate income by displaying ads, malware can display ads that result in payment to cyber criminals.

Criminals also gather valuable user information from infected computers such as key personal information pertaining to online banking. This is one of the most sophisticated and stealthy forms of malware.

The online criminals are then in a position to use this personal information for either their own illegal use or they are in a position to sell it a third party who will use this information to make a profit.



Cybercrime and the current security environment

The increasing sophistication of the cybercrime industry has had 2 key outcomes:

1. A 1000% increase in malware and phishing attacks over the past few years; and

2. The continued decrease in effectiveness of conventional desktop security to combat attacks.

“Over half of new active malware and phishing threats on the Internet go undetected by 12 of the leading desktop anti-virus providers, with an average detection rate of 37 percent for malware and 42 percent for phishing” Cyveillance, May 2009