Botnets, Trojans and Phishing…Oh my! The dedicated researchers at Symantec are at it again, scaring the living daylights out of companies and consumers with overwhelming evidence that the web is indeed a dark and foreboding place. If you wade through the nearly one hundred pages of gloom and doom in Symantec’s recent Global Internet Security Threat Report for 2009 you’ll want to either stock up on more security protection software or give up on the idea that any web transaction is every really secure. And if Symantec’s new report isn’t enough to rattle you, check out similar regular reports from any of the other big security players—McAfee, RSA, Trend Micro or CyberSource’s 2010 Online Fraud Report.
So why is e-commerce so fraught with risk despite the huge amount of money, effort, and technology devoted to making the online world safe? that’s simple: Because crime in the virtual realm has a lot going for it compared with traditional crime in the physical realm. Why use a gun to commit a robbery when you can use credit cards and stolen identities? Every fraudster, scammer and organized cybercriminal knows the five Big A’s: The five big advantages of doing crime online.
1. Affordability: You don’t need much more than a computer and an internet connection to commit virtual crimes.
2. Acceptable Risk: Cybercriminals bear a low risk of being caught or prosecuted.
3. Attractiveness: The universe of opportunity to commit cybercrimes is virtually unbounded.
4. Availability: With the help of automation, cybercriminals can operate a 24 x 7 criminal enterprise.
The critical fifth advantageous “A” is one that fraudsters know a lot about because without it they’re out of business: Anonymity.
The inherent anonymity of the Internet is a critical element that enables fraudsters to freely commit deception that leads to profit. As long as computers and people are vulnerable to hacking—both always have been, and always will be—cybercriminals will take advantage of the anonymity the Internet affords them.
There’s another “A” word that fraudsters are aware of that is a disadvantage to web fraud: Anomaly. Fraudsters manipulate computers to hide their tracks, and these attempts to mask the truth can trip them up. Take IP addresses for example. Lots of web sites—banks, social networks, internet retailers and many more—use your IP address to identify your computer and ancillary information, like its geolocation. Fraudsters use hidden proxies that conceal their true device location via an alternate IP address. By using a hidden proxy scammers can pretend to be in one location, frequently a U.S. city, when the device they are actually using to execute a fraudulent transaction is located in another country altogether. Our customers see this cloaking trick all the time. They’re able to go around hidden proxies to get the true IP address and geolocation which gives them another way to decide whether to trust—or block—the computer from their site.
I suspect fraudsters—mostly off-shore organized criminals—don’t read the state-of-information-security reports from the big security vendors, or if they do they use the information to advance their technology or adjust their tactics. In my next column I’ll shed more light on another powerful weapon of the cybercriminals that shows up in every security vendor report: botnets.
