Features

Trend Micro Warns Against Anti-phising

By Sophia Mayengbam

The trend of malware attacks today have become more targeted and are mostly used for stealing personal information for financial gains. Trend Micro, a network antivirus and Internet content security software and services, has warned Internet users against spy-phishing, an emerging crimeware technique which capitalises on the increasingly popular trend of blended threats.

According to the company spy-phising, is going to the next step for spyware authors who want to steal money and personal information from users.

Trend Micro attributes the emergence of spy-phishing as a significant element in the threat landscape stems, in part, from a shift in the intent of malware writers, as well as a number of technological advances these writers have recently made.

The motive of previous generation malware writers were mainly to show of their expertise and gain bragging rights among their peers. However, the recent shift in malware attacks indicates that writers are now more interested in financial gains. Some create spyware programmes to steal credit card numbers, account log-ins, or a variety of other types of personal information. Others develop and/or enhance bot networks, which are then sold or leased to other individuals or groups, as a way of launching their programmes. Others phish for personal information either to use for themselves or to sell to others.

"Spy-phishing is really just another section under the category of crimeware, which can be defined as anything that causes financial or intellectual loss," explained Jamz Yaneza, senior threat researcher at Trend Micro.

Spy-phishing's direct antecedents are spyware, phishing, and backdoor Trojans. Spy-phishing blends the characteristics of all its antecedents. It has features of spyware that secretly installs itself on a user's computer and runs in the background, stealing personal information without the user's knowledge.

Spy-phising also features of phishing in which the identity of a target organisation is stolen in order to steal the identities of unsuspecting customers of the target company. It misleads the customer by using professional-looking, HTML-based e-mails that include company logos, font styles, colours, graphics, and other elements.

"Spy-phishing is a blended threat," said Yaneza. "It uses phishing techniques to initially present itself to users, then typically engages a host of other techniques and exploits to surreptitiously download and install spyware applications in the background. These applications oftentimes download additional spyware applications to further extend their functionality."

According to data collected by Trend Micro, the amount of Trojan spyware such as that employed in spy-phishing attacks has been steadily increasing.

The incidence of Trojan spyware has alarmingly increase by over 250 percent over the past 16 months. According to a report published by the Anti-Phishing Working Group, an average of more than 188 new samples of Trojan spyware have been utilised in spy-phishing attacks each month in the first four months of 2006 - a 234 per cent increase over the same period in 2005.

Spy-phishing offers malicious authors a variety of applications and uses. Customers and individual users are not the only target. These malicious attacks have the wings to extend and affect enterprises and their employees.

"Businesses of all sizes are potentially at risk, as spy-phishing can also just as easily be utilised for corporate espionage," added Yaneza. "In fact, due to the Trojan components, and the long-term stealth capabilities they employ, the threat to sensitive corporate information is perhaps greater than is the risk to the individual, if only due to the magnitude of the potential for loss."

The spy-phising outbreak is by far the most dangerous and sooner more advanced malwares are going to be written that will change the course of Internet dominance in the hands of a few. An authorative intervention to stop these malware writers is the need of the hour.


print	save	email	comment