1 in 3 Web Users Are Victims of Viruses, Spyware Or Phishers

PayPal Offers Phishing Challange

Google to warn about malicious sites
Google is issuing this warning to people who try to click on links to sites with spyware or other malicious code: "The site you are about to visit may harm your computer!"

The user may continue to the site if they wish, or visit StopBadware.org to learn more about the project, which is also sponsored by Google.

Unlike competitor SiteAdvisor the program is new and there are an extremely limited number of malicious sites identified at this time. SiteAdvisor has a much more comprehensive list and works with search engines from Google, Yahoo and others. Still every little bit helps

According to an AP article a Google company statement said "To begin we'll only be identifying a small number of sites, but we'll be expanding our coverage over time, Finding new and better ways to protect our users is a perpetual project, and we'll continue to work hard in this area."
October 2007 - PayPal, the online payment arm of eBay, has put up an Antiphishing Challenge on their website. You can take the challenge and see how you measure up when it comes to protecting yourself against these attacks. The challenge is on PayPal’s site (here) .

Phishing is the act of attempting to trick someone into giving them confidential information for the purpose of stealing their identity or to outright rob them. For example: sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering passwords, account numbers and credit card PINs so the “phisher” can access those accounts and steal from the user.

Phishers will often send out mass e-mailings to addresses they obtain via spyware. These mailings look exactly like the emails you might get from your bank, eBay, or any other financially related website. The emails often tell you your account has been compromised and that you need to log in and confirm your account in some way. The link in the email takes you to a website that looks identical to the log in page of the financial institution’s website. When you log in some phishers will present another page with entry forms for a lot more personal data, some sites just seem to malfunction and nothing happens (from your point of view).

One of the most infuriating things about these emails is that they are originating from computers in your neighborhood. That is to say a spyware infected computer can be turned into a "zombie" that spews out more spyware, viruses and phishing attacks*. These zombies form into an ever changing network of untrackable resources for the villians. Your typical teenager downloading his or her favorite music via Limewire or another filesharing programs is responsible for the email that brought down another neighbor's credit history.

At this point your log in information has been stolen, and the phishers can log in as you, and change your user name and password, locking you out of your own account. They can transfer funds out of your bank account (example), or in the case of eBay they can offer expensive items for sale, then take the money and deliver nothing, leaving you looking like a thief.

Government officials are attempting to fight phishing attacks but the anonymity of the internet makes their efforts impossible to enforce. Credit card companies have no reason to invest in fighting these thefts because their “no fraud” charges rule makes the merchants absorb any out right costs, and the person that has been robbed absorbs the cost of righting their good name.

So it all comes down to you. If you don’t stop phishing from ruining your reputation, your credit, and your bank account, nobody will. Take the PayPal challenge and see how you are doing!

* More info on zombie networks at The Register

By Antone Gonsalves, TechWeb
6:57 PM EDT Tue. Aug. 08, 2006
reprinted from CRN.com


The odds of becoming a victim of viruses, spyware, or phishing are about one in three, Consumer Reports said Tuesday in its annual report on the Internet.

In addition, U.S. consumers spent at least $7.8 billion over the last two years for computer repairs, parts and replacements, because of malware attacks, the non-profit magazine found in its 2006 State of the Net report.

The odds of becoming a cyber-victim were the same as last year, an indication that efforts to combat cyber-crooks were having some impact, Consumer Reports said. Declines were recorded in virus and spyware infections since 2005, but both remained epidemics.

The spring survey of 2,000 U.S. households with Internet access also found 20 percent without antivirus software and 35 percent without spyware blockers installed in computers.