by Ondrej Krehel
The email looks like it came from your bank. It seems important. The wording is polite, but there’s a tone of urgency. Might as well click the link, right? You click the link.
The website looks just like your bank website. Same logo. Same introduction text and picture of a silver-haired couple coasting to a happy retirement. You enter your username, password.
A new screen pops up. You’re not so familiar with this one. The tone is urgent again. Please reconfirm your username, reconfirm your password. Now they want your full name, address and date of birth. This is odd. Oh, and Social Security number. The question is right at the bottom next to the Submit button.
Would your bank ask you these questions in an online form?
In this new cyber world of ours, the answer is No.
Hackers create approximately 8,000 malicious websites a day, 57,000 a week, modeled on legitimate websites, a study shows. Nearly two-thirds of the trick websites had to do with banks. The best of them work their way into search engines.
And if you don’t fall for a fake website, hackers have even stronger weapons in their arsenal: Trojans and botnets that can beat antivirus. Take Zeus, for example. A botnet, Zeus was the main tool used by hackers recently arrested by the FBI on charges of lifting more than $10 million from U.K. banks and $3 million from U.S. banks. Zeus, which opened digital backdoors on the banks’ computer networks, is active on more than 150 servers online right now.
Unlike a virus, botnets are controlled remotely—the name derives from robot—so hackers can activate them to launch a mass security attack, spam campaign or other malicious activity, marshalling several computers from one control center.
There is even a mobile phone version of Zeus, which can drain your bank account by confirming transactions via SMS. First your PC is hacked, and then your smartphone.
And it’s all for sale online, in underground forums. Zeus ranges from $700 to upward of $3,000 for more sophisticated versions, but can command significantly more if infected computers, poised to strike, are part of the deal.
Where are these attacks coming from? The short answer is everywhere, but they’re concentrated in Asia, Eastern Europe, Russia and the Middle East. AVG recently found that Japan and Sierra Leone were among the safest places to surf online, while surfing in Turkey and Russia posed the most risk.
Dshield.org, a popular computer security site, tracks the source IP of Internet attacks. Recently the top six attacks all started from China and were reported anywhere from 85,000 to nearly 700,000 times. And this is only what is known and tracked. It boggles the mind to think about the numbers of the unknown and undetected.
Ondrej Krehel, Chief Information Security Officer, Identity Theft 911
Ondrej has more than a decade of network and computer security experience. His expertise extends to investigations of intellectual property theft, massive deletions, defragmentation, anti-money laundering and computer hacking. He led U.S. computer security projects at Stroz Friedberg and worked in IT security at Loews Corp.