McAfee warns of mounting online identity attacks

The number of internet-based attacks designed to steal personal identities has grown dramatically over the past two years, security firm McAfee has revealed in a report on identity theft.

Between January 2004 and May 2006 the number of keylogger programs, which capture personal information such as credit card details, rose by 250%, according to the report, and the number of alerts issued by the anti-phishing working group increased by a factor of 100.

Growth in electronic information theft is contributing to high levels of identity fraud, which has cost an estimated $3.2bn (£1.6bn) in the UK over the past three years.

Victims include South African customers of Standard Bank, who lost several hundred thousand rand after criminals installed Trojans in cybercafés and on other public computers.

In a recent study in the US, research firm Gartner estimated that 19% of people who received phishing e-mails –the equivalent of 11 million US internet users – clicked on a link to a fraudulent website. About 2.4 million reported losing money.

The volume of data-stealing Trojans in circulation on the internet has grown, following the publication of toolkits which allow hackers to write their own.

One Russian, nicknamed Corpse, is selling a tookit online for between $200 and $500. The kit has been used by hackers to create multiple versions of a sophisticated password-stealing Trojan called Backdoor-BAC.

Hacking kit threatens e-commerce security

Scope out your ID risks and goals

Comment on this article: computer.weekly@rbi.co.uk