Phishing, spam, viruses: what next?

There are an increasing number of warnings being issued to users about the threats associated with spam, such as viruses and 'phishing' scams.

In recent months there have been a number of incidents of 'ghost' banking websites, which attempted to lure unsuspecting users into revealing confidential bank account details.

Leanne Fleming, senior security consultant at security services provider TruSecure, told iTnews that spam, such as 'phishing scams' were becoming quite widespread at the moment.

TruSecure describes phishing as a scam which uses fake websites to "lure unsuspecting users into disclosing personal and online banking account information".

"This enables online con artists to access the victim's credit and debit card accounts and assume their online identity, or use their bank accounts to transfer funds overseas," stated a TruSecure statement.

Fleming said that phishing was increasingly moving into the electronic field. This might include trying to get user's passwords or credit card details. Some were also spoofing vendor websites, to attempt to get unsuspecting network or systems administrators to click on a link for a patch which would cause them to download malicious code.

There needs to be increased education of users, particularly about SSL (secure sockets layer), Fleming believes. "The technology is there to allow consumers to protect themselves against phishing," she said. "SSL, for example, has been around for the past eight years but consumers have yet to get to grips with it."

Recent virus outbreaks have also lead to industry pundits warning about the changing face of virus writing.

David Banes, technical director Asia Pacific at managed services provider MessageLabs, said that Mimail.J was a prime example of a "new and sinister trend" in the virus writing community.

"Historically, viruses have primarily been written by misguided young adolescent males with either malicious intent, a chip on their shoulder, or a desire for notoriety amongst their virus-writing pals," Banes said. "What we are beginning to see now is a shift towards actual fraud, where financial gain by deception is the primary objective."

Banes described Mimail.J as a "vehicle for the delivery of an email designed to defraud unsuspecting users".

"This suggests that the mindset of the virus author is changing, whereas once disruption was motivation enough we are now seeing a new breed of cybercriminal intent on using viruses as a means of lining their own pockets," he said.

Viruses that had a "hit and run style approach", were not engineered to have any longevity, Banes added. "Instead they rely on duping a crop of unsuspecting users before a new variant is released and the process begins again."

MessageLabs today issued a warning that the Mimail worm was spreading fast. According to a statement issued by the company, the initial copy came from France, with the majority of infected emails to date sent from the US.

The worm spreads by mailing copies of itself to email addresses harvested from infected computers, it stated. MessageLabs has recorded more than 20,000 copies of Mimail.J intercepted to date.