Criminals can steal your data in public internet chat rooms
New model is gaining popularity in the IT world, online criminals are now offering Fraud as a Service, (FaaS) hawking their wares in Internet chat rooms. Among their offerings: data-harvesting malware, patching and upgrades to help trojans evade detection, stolen credentials, and hosting and money-laundering services.
Newly organized methods of online criminal activity are threatening to
democratize fraud and undermine banks and online traders, according to
security experts at this year's RSA Conference Europe. Speaking to vnunet.com, security vendor
RSA's Head of New
Technologies Uri Rivner shared new trends spotted by the
firm's Anti Fraud Command Center. Rivner warned of a new trend
where criminals offer fraud services in a Software as a Service (SaaS)
model, which can be purchased from Internet chat rooms and forums. This
"Fraud as a Service" could feature information-stealing Trojans,
together with bulletproof hosting to ensure zero downtime, and a fully integrated infection service to
provide patching and upgrades so the Trojan escapes detection by
security software.
"You can then sit back and watch how many computers are infected with
the Trojan and how many user credentials come rolling in," Rivner said.
"Anyone can do fraud these days -- you just need to go to the right
place to get user credentials." Rivner explained that roughly half of phishing attacks are now
carried out by individuals or small groups who meet, exchange
information and trade each other's services in Internet chat rooms. He
added that most online fraudsters can be broken down into two groups:
harvesting fraudsters, who specialize in stealing user credentials; and
cash-out operators, who focus on laundering the money from stolen
accounts or fraudulently purchased goods. While the former can now easily buy Fraud as a Service packages to
help them harvest account details, the latter work on the operational
side, transferring money from these accounts into a network of
so-called mule accounts. The money is then sent via Western Union from
these accounts to someone else, who will take a cut and pass on the
funds to the cash-out fraudster. At the end of the chain the cash-out
operator and harvester will share their gains.
Marc Cramer, information security consultant at insurance group
ING, warned that hacking and phishing tools are now "very customer-friendly," while Mark Stanhope, senior e-crime manager at Lloyds TSB, argued that fraudsters are "a lot more agile than we are." "They are a lot smaller than we are and will always evolve faster
than us," Stanhope added. "We have to make it as difficult as possible
for them to target mass attacks." To mitigate the risk of
being defrauded, Rivner advised firms to employ several key strategies.
They involve limiting credit harvesting by detecting, blocking and
shutting down attacks and then rolling out two-factor and adaptive
authentication to customers, and finally transaction monitoring. "It's not all doom and gloom. The most effective method of defense
is a multilayered approach," Rivner said. "The threats are becoming
more mass market and scalable, but the industry is developing an
arsenal of tools to fight them."
Posted at 05:08AM Nov 05, 2008 by admin in Antivirus | Comments[1]
Posted by Cris on November 05, 2008 at 02:06 PM EST #