Sophos today released it's first quarter cybercrime activity for 2007. The results are stunning:
"In the first quarter of 2007, Sophos identified 23,864 new threats - more than double the number found in the same period last year when the company identified 9,450. At the same time, the percentage of infected email has dropped from 1.3 percent, or one in 77 emails in the first three months of 2006, to one in 256, or just 0.4 percent in 2007."
"From January to the end of March, Sophos identified an average of 5,000 new infected webpages every day, indicating that this route to infection is becoming more popular with cybercriminals. With computer users becoming increasingly aware of how to protect against email-aware viruses and malware, hackers have turned to the web as their preferred vector of attack."
"In another incident in March this year, cybercriminals used spam campaigns to lure users to hacked sites in an attempt to sell goods. Legitimate websites with PHP vulnerabilities were hacked, redirecting visitors to a pharmaceutical store selling drugs. By using legitimate URLs in their spam messages, they were able to avoid less sophisticated spam filters, and when the victim clicked on the link they went to a genuine website only to then be automatically redirected to the hackers' site."
My analysis: Criminals are getting more sophisticated in their attacks. As spam clicking decreases criminals are going after web pages to use to spread their malware. Unfortunately, this attack pattern will continue long into the future because most website owners are unaware of the risks to their customers from their poor website coding habits. Cavet emptor when online.
Guy
www.authenticationworld.com
guy.huntington@authenticationworld.com
del.icio.us