By Computerworld Philippines Staff
January 21, 2010

The steady growth of Cybercrime, or crimes committed through the Internet, had an adverse effect among users of social networking sites particularly on the confidence and trust issues.

RSA, the security division of EMC, recently announced the results of its 2010 Global Online Consumer Security Survey, which revealed that consumers are now more aware of phishing threats, but new attack methods duped six times as many in just two years.

More than 4,500 consumers ages 18 to 65 were polled in the survey regarding their awareness of online threats, concerns with the safety of their personal information online, and their willingness to share it, and desire for better identity protection.

The survey in general revealed that two in three people were reluctant to share on social networks and that three in 10 people fall prey to phishing attacks – a six-fold increase in just two years.

RSA said the consumers’ safety concerns translate to significant eagerness for better identity protection.

Of the more significant survey findings, consumer awareness of phishing attacks has doubled between 2007 and 2009 and the number of consumers who reported falling prey to this attack increased six times during that same period of time. Also, while hundreds of thousands of people join social networking websites each day, the survey exposed that nearly two in three (65%) people who belong to these online communities, indicated they are less likely to interact or share information due to their growing security concerns.

RSA commented social networking websites have become a hotbed for online criminals because of their global reach and the participation by hundreds of millions of active users from all walks of life. This makes these communities prime targets for exploitation by criminals who seek to steal personal information through socially engineered attacks.

Reflective of such trend, the survey exposed that four out of five (81 percent) people using social networking websites displayed concerns with the safety of their personal information online.

Christopher Young, senior vice president at RSA, said fraudsters continue to fine-tune their array of tactics that result in millions of computers becoming infected with Trojans and other malware.

“These online criminals are adept at social engineering with at-the-ready phishing attacks that are launched within moments of breaking news about popular celebrities, professional athletes or serious global events. In these cases, people are lured to legitimate websites infected with malware as well as complete fakes designed to look like well-known news sources,” Young said.

He added Trojans can easily be masked as “required” updates to a media player which can result in countless computers becoming infected with malware. “While it’s difficult to prevent consumers from visiting these websites, we can do a better job of protecting those who do,” Young claimed.

In the 2007 RSA survey, one in three (38%) consumers reported they were aware of the threat of a phishing attack – and this figure doubled in two years where three in four (76 percent) have become aware. Additionally, nine in 10 consumers (89 percent) reported concerns caused by the threat of phishing.

Despite increased awareness, there have been a growing number of online users that have fallen victim to a phishing attack. In the 2007 study, only one in 20 (5%) consumers cited to have fallen victim to a phishing scam – and this rate increased six times in 2009 to represent three in 10 (29%) consumers. This increase can be attributed to more advanced communications tactics and greater sophistication such as improved writing and web design skills on the part of the fraudsters.

Phishing attacks have also evolved in an attempt to exploit users in different ways and through a broader variety of methods including offshoots known as “vishing”, “smishing” and “spear phishing.”

The sheer volume of phishing attacks launched in recent months is also contributing to these trends. The RSA Anti-Fraud Command Center recently reported their highest-yet detected rates of phishing attacks between August and October 2009 and a 17% increase in the total number of attacks between 2008 and 2009.

Young said consumer education and awareness can serve as the first lines of defense in the ongoing battle against online crime.

“Organizations will continue to take advantage of the many benefits offered by the Internet and consumers will seek the convenience offered online – all despite the inherent risks,” he said. “In order to maximize the full value of what the online world can offer, organizations need to take a layered approach to Internet security in order to best protect their customers’ information.”

In the Philippines, the House of Representatives passed on third and final reading last Tuesday House Bill (HB) 6794, popularly known as Cybercrime Prevention Act of 2009. It seeks to address crimes committed via the Internet such as child pornography, illegal hacking of Web sites, phishing, data fraud, and the like by imposing corresponding penalties.

Ray Anthony Roxas-Chua, chairman of the Commission on ICT (CICT), said it is now up to the Senate, with its seven session days remaining to finally make it a law or start from scratch in the new administration to come. Chua and his co-officials at CICT are all praying for the approval of the Senate bill 2546 mandating the creation of the Department of ICT or DICT. – Tom S. Noda

Possibly Related Posts:

• Philippine BPO industry hails Senate’s passage of cybercrime bill
• You don’t deserve more time, says judge to Facebook, Google: report
• Oracle asks for retrial against SAP in TomorrowNow case
• Microsoft opens C++ extension for other compilers
• Prepare Your Business for Facebook Mobile Ads

 Print This Post