Governance & Risk Management

Online Crime up Nearly 600% in '09

Expert: 'The Internet Has Never Been More Dangerous' Bogus security software applications are among the types of electronic crimes that grew 585 percent over the first half of this year, according to a new study.

The Anti Phishing Working Group's (APWG) latest report shows that rogue anti-malware programs, infected computers and crimeware broke new records in the first half of 2009. The report shows that criminals are innovative and have "apparently unchecked ambition" with crimeware designed to target financial institutions' customers.

Most disturbing for financial institutions are the attacks against corporate bank accounts, says APWG's Chairman Dave Jevans. "These attacks target the CFOs and then attempt, sometimes successfully, to take over the corporation's online banking credentials to make corporate wire transfers."

This attack trend has grown to the level that industry associations, including the Financial Services Information Sharing and Analysis Center (FS-ISAC) and NACHA along with banking regulators, sent out alerts to their financial services members this summer.

"Before this, phishers targeted individual users, not corporate accounts," Jevans says.

The report also shows:

  • The number of unique phishing websites detected in June rose to 49,084 -- the highest since April, 2007's record of 55,643, and the second-highest recorded since APWG began reporting this measurement.

  • The number of hijacked brands ascended to an all-time high of 310 in March and remained at an elevated level to the close of the half in June.

  • The total number of infected computers rose more than 66 percent to 11,937,944 - now more than 54 percent of the total sample of scanned computers.

  • Payment Services became phishing's most targeted sector, displacing Financial Services. Jevans notes that institutions' customers still are a primary target of electronic criminals.

"The Internet has never been more dangerous," Jevans says. "In the first half of 2009, phishing escalated to some of the highest levels we've ever seen."

Of even greater concern is the skyrocketing sophistication and proliferation of malicious software designed to steal online passwords and user names. The number of banking trojan/password-stealing crimeware infections detected increased more than 186 percent. "New malicious software such as the Zeus trojan exhibit a level of sophistication that would make the best software programmers envious," he says.

About the Author

Linda McGlasson

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.