February 10, 2012

GFI Report Indicates that Cybercriminals are Out to Get Vulnerable Internet Users

By Mini Swamy TMCnet Contributor

The first month of the New Year didn't start off quite right for many Internet users as cybercriminals stalked Internet corridors and sought to infect systems and scam users with new malware attacks. The 10 most prevalent threat detections encountered during January 2012 figured in the VIPRE report released by GFI Software.

GFI's ThreatNet automated threat tracking system revealed that Trojans continue to pose the greatest threat and occupied half of the top 10 positions.

Gamers, small business owners and even government organizations were attacked. Malware writers and Internet scammers also targeted a wider cross-section of the population on highly trafficked websites.

The January 2012 report showed that cybercriminals took advantage of the hype and excitement surrounding Pro Evolution Soccer 2012 and the Halo video game series and offered bogus invites in return for filling out surveys.

Tumblr users were offered "free Southwest Airlines tickets" in exchange for taking surveys and submitting personal information by a bogus "Tumblr Staff Blog." A misspelled URL leading to sites promising fake prizes or asking for personal information was another way they enticed users.

Even the shutdown of a popular hosting website Megaupload was exploited by scammers, who enticed visitors to take a look at the FBI notice posted on the site.

"Anyone who goes on the Internet is a potential target for cybercriminals looking to infect systems and scam users," said Chris Boyd, senior threat researcher at GFI Software, in a statement.

According to Boyd, the main aim of these cybercriminals is to cripple as many systems as they can by casting a wide net and tricking as many users possible. Hence, once they know the profile of the group they want to attack, they will go to any length to increase their chances of success.

Boyd cautioned Internet users about clicking on links that pertain to their interests, more so when they were being asked to submit personal information online.

GFI Labs specializes in the discovery and analysis of dangerous vulnerabilities and the research team actively researches new malware outbreaks, creating and testing new threat definitions on a constant basis for the VIPRE home.

In addition, phishing e-mails in the form of notices from the Better Business Bureau also contained malware links. Even US-CERT, a government body, was used to introduce the Zeus Trojan.

Mini Swamy is a contributing editor for TMCnet. To read more of her articles, please visit her columnist page.

Edited by Carrie Schmelkin

View More