Monday, December 22, 2008

Who Says Crime Doesn't Pay?

According to Brian Krebs, a Computer Security journalist with the Washington Post, Cybercriime is a lucrative business and is growing exponentially.  He refers to McAfee's annual "Virtual Criminology Report" (pdf) which states that online scams quadrupled in the last quarter of 2008. 

Also, (see chart on left) the number of viruses/bots, trojans and potentially unwanted programs (PUPs) are not only on the rise, but almost off the charts.  Why is this relevant?  Because (see 3 Key Findings illustration below) based on the report, law enforcement is "ill-equipped" to cope with this growing (insurmountable?) surge in PC attacks designed to steal personal information. 

So apparently "Crime Does Pay"...at least cybercrime. 

Put in simple terms,  software is soft... which is why HomeATM's Internet PIN debit approach is hardware based.  As long as hardware isn't tampered with (I  would find it highly unlikely that anybody's going to break into one's home to tamper with HomeATM 's Personal Card Swiping Device) it's the safest, most secure way to transact.  It's more convenient too...just swipe versus type!  But convenience takes a back seat to security, and if you have any doubts about how easy it is for cybercriminals to see what you type, then Google "PC Hijacking" or "keylogging." 

He's a snippet from Mr. Krebs article.

Report: Cybercrime is Winning the Battle Over Cyberlaw

Law enforcement agencies worldwide are losing the battle against cyber crime at a time when criminals are increasingly using the global economic downturn to make headway in recruiting more computers and computer users to further illegal online activities, a scathing new report from security vendor McAfee concludes.

McAfee's annual "Virtual Criminology Report" (PDF) notes that the number of compromised PCs used for blasting out spam and facilitating a host of online scams has quadrupled in the last quarter of 2008 alone, creating armies of spam "zombies" capable of flooding the Internet with more than 100 billion spam messages daily.

In an increasing number of cases, those missives are playing on public fears over the battered economy, pitching recipients on too-good-to-be-true job offers aimed to enlist them in cybercrime operations, McAfee said.

"Cybercriminals are cashing in on the fact that the economic downturn is causing people worldwide to increasingly turn to the Web to seek the best deals and jobs, and to manage their finances," the report charges. "They are preying on fear and uncertainty and taking advantage of the fact that consumers are often more easily duped and distracted during times of difficulties. In fact, opportunities to attack are on the rise."

At the forefront of this worsening problem are so-called "money mule" scams, in which criminals make use of third parties -- often unsuspecting consumers -- to launder stolen funds. Mule recruitment is an integral part of many cybercrime operations because money transferred directly from a victim to an account controlled by criminals is easily traced by banks and law enforcement.

The mules, therefore, serve as a vital buffer, making it easier for criminals to hide their tracks. However, criminals tend to view money mules as expendable resources, because those unwitting accomplices usually either are confronted by authorities or lose money as a result of their participation in the scams.

In most cases, money mules are recruited via online job postings touted in spam. McAfee said that some 873 money-mule recruitment Web pages were detected in Britain alone in the first half of 2008, a 33 percent increase over the first half of 2007. That data was gathered by APACS, the United Kingdom's payment-industry trade group.

An investigation by washingtonpost.com earlier this year into a money mule network uncovered a database of thousands of U.S. citizens who had responded with interest to a single money mule scam e-mail campaign.

(continue reading at the Washington Post) or go to the McAfee Report here




Reblog this post [with Zemanta]

Disqus for ePayment News