Scam-tastic
Scammers have begun shifting their focus away from Windows-based PCs to other operating systems and platforms, including smart phones and tablets in a ‘major cybercrime turning point' according to a new report.
Cisco's 2010 Annual Security report revealed PC platform vendors have shored up security in their products and taken a more aggressive approach to patching vulnerabilities so scammers are finding it harder to exploit platforms such as Windows and are having to cast their net wider to make money. Consequenly other platforms are being targeted more.
The report also found that the widespread adoption of smartphones and apps is driving the cybercrime shift and it said: "Third-party mobile applications in particular are emerging as a serious threat vector."
While technology is undoubtedly helping cybercriminals plot more elaborate scams, the report also warned that most exploits hinge on misplaced human trust. It lists: sex appeal, greed, vanity, trust, sloth, compassion and urgency as the 7 weaknesses that cyber criminals' best exploit through social engineering scams.
Looking forward, Cisco's report predicts that ‘money muling' operations (where people are recruited to set up bank accounts, or even use their own bank accounts, to help scammers 'cash out' or launder money) will be become more elaborate and international and will be "a major focus of cybercriminal investment in 2011".
Cisco has also predicted where profit-oriented scammers will channel their resources toward in 2011. Based on performance in 2010, it reckons that data-theft Trojans such as Zeus, easy-to-deploy Web exploits, and aforementioned money mules will continue to rise in prevalence in 2011.
"The ‘wait and see' moneymakers include mobile malware, with Zeus already being adapted for the mobile platform in the form of SymbOS/Zitmo.Altr (Zitmo stands for Zeus in the Mobile)," said the report.
However, social networking scams "will not be a significant area for cybercriminals to invest resources in 2011" according to Cisco's report. It said: "That does not mean that social networking scams are declining; they are simply a small part of a bigger plan - launching Web exploits like the Zeus Trojan."
Patrick Peterson, fellow at Cisco, said: "Everyone knows the joke about the two hikers and the hungry bear in which the swifter hiker explains his footrace is not against the bear but the other hiker. The cybercriminal bears have been feasting on the "slowest hiker" Windows platform for the last decade. But with increased security in the Windows operating system and applications, the bears are looking elsewhere to satisfy their hunger."
"Mobile and emerging operating systems are hikers that the bears have largely ignored until now, but they are beginning to look much more appealing. These bears are also finding opportunities in the explosion in mobile-device usage, where we're seeing a growing number of exploits aimed specifically at mobile users," he added.
