The Rise of Cybercrime
By Daniel Cuthbert, March 25th, 2009.
As the global recession starts to intensify, especially in the United Kingdom, many companies are reporting an increase in attacks aimed at their online presence. With so many employees losing their jobs, and the ease and availability of tools and information relating to hacking, many are making the transition from white-collared workers to hackers.
Attacks against retailers and financial companies on the Internet are not new. Attackers have been exploiting vulnerabilities and weaknesses within online web applications for years. The difference right now though is that it is no longer the career criminals who are attacking, but the “average Joe.”
The Internet makes information easy to access and instructions on how to exploit these vulnerabilities are readily available. Years ago it was more akin to a dark art form. Running the tools and hacking into sites wasn’t exactly a point and click exercise. However, today the amount of experience required is considerably less, and as it’s much easier to break into a website and steal information it’s attractive to those that are out-of-work.
Phishing attempts, often sent out using e-mail, are sophisticated and fine-tuned to target individuals. Often they communicate with the target in a manner in which they would relate such as a job offer or details of a recent redundancy. It’s techniques like these that are causing many to click on the links and fall victim to fraud.
Websites often deploy security mechanisms to ensure that account information is kept as safe as possible. However, problems occur when these mechanisms are defeated by online social networking sites, such as Facebook and Friends Reunited. For example, if an attacker wanted to gain access someone’s account, often they would have to pretend to be them. If you wanted to change your password, often you would be required to give a piece of information that only you might know, such as your place of birth, favorite sport or mother’s maiden name. With social networking sites, however, this information is readily available to anyone, so gaining access to your account isn’t as hard as you think.
