Though
botnets have caused a large volume of junk
email in recent months, security researchers are more alarmed at
the rise in their level of sophistication, warning that targeted
phishing attacks are making their way into corporate email
servers.
 | | | | | They've reached a level of
sophistication that we usually associate with commercial grade
products.
Mark Sunner,
chief security
analystMessageLabs |
| | | | | |
| |
|
"They've reached a level of sophistication that we usually
associate with commercial grade products," said Mark Sunner, chief
security analyst at MessageLabs in New York. "We've seen the
activity change and now botnets are spammed out in discrete
chunks."
In November, the global amount of
spam in email traffic grew to nearly 90% of
all global email traffic, according to statistics kept by
MessageLabs. And that percentage is expected to hold in
December. In addition, the vendor reported that 1 in 200 emails
contained some type of phishing attack. MessageLabs said more
than 68% of all malicious emails intercepted recently have been
phishing attacks, a steady increase over the previous
months.
Security researchers predict 2007 will be a year in which the
level of sophisticated attacks grows to alarming levels. The bad
guys are beginning to comb through social networking Web sites such
as MySpace and others, said Sunner, and pull out addresses, zip
codes and other identifying data to make a phishing email seem
genuine to a victim.
"In some cases, it will be a bank they use and it is addressed
to the victim so these attacks can be very successful," Sunner
said. "The bad guys can plunder the databases of big social
networking communities and make a successful run with spam."
Alfred Huger, senior director of engineering at Symantec
Security Response, observes more than 7 million total phishing
attempts each day.
"Raw phishing attacks have gone up significantly to more than
900 unique phishing attacks each day," Huger said.
Attackers, Huger said, are harvesting email addresses from
people who live in the same geographical area. Victims are then
sent a phishing email that appears to come from a bank or other
financial institution in the area, he said. Moving into 2007, Huger
predicts that phishing attacks will become even more targeted and
harder to detect as fraudulent.
"The trust factor is high and people are more likely to fall
prey to it, because they're not generally expecting their own bank
to be more involved in it," Huger said
Smishing – attacks using SMS – will also increase in 2007, as
cell phones with email and other messaging features increase in
use, Huger said.
"Our phones are now becoming mini computers and anything that
can happen to us, on our PC is likely to effect us on our phone,"
he said. "Some enterprises are starting to have well articulated
policies about mobile device use while others have none. There's
not a lot of middle ground."
Companies and consumers can take basic steps to fight back.
Financial institutions are improving authentication features and
are ramping up education efforts to help customers understand when
their bank is legitimately contacting them, Huger said. Consumers
can take action and help fight online fraud by submitting phishing
sites to the Symantec Phish Report Network.
Rootkits on the rise
Attackers began using rootkit technology more widely in 2006, Huger
said, and their use will continue to increase in 2007.
A rootkit is a collection of software tools that gives an
administrator access to a computer or network. Once installed, an
attacker can remain hidden and can install spyware and other
software that monitors keystrokes or alters log files. While
Microsoft's launch of Vista may cut down some of the use of
rootkits, their overall use will become standard in 2007. User-mode
rootkit tactics are now commonplace; kernel-mode rootkits are also
increasing in use, according to Symantec.
"A rootkit is a more powerful tool," Huger said. "We're seeing
more of [them] because security products are becoming more
powerful, and attackers have to up the ante."