August 29, 2007

You’ve Got Junk Mail

2006 was the year of computing dangerously, however, 2007 could be worse. That was the assessment of computer security experts who said that 2006 was marked by an unprecedented increase in junk email and sophisticated Internet attacks by cyber crooks.

Few experts believe 2007 will be any brighter for users who are already struggling to avoid clever scams while and shopping on line or just surfing the web. Online criminals are getting smarter about hiding personal data they have stolen on and are using new methods for attacking computers.

One of the best measures of the rise in cyber crime is junk mail or spam, because much of it is relayed by computers controlled by Internet criminals. More then 90 percent of all email sent on line in October 2006 was unsolicited junk mail with spam messages rising by 73 percent in the past two months as spammers began embedding their messages in images to evade junk email filters that search for particular words or phrases. This is putting more pressure on network administrators and IT staff because junk mail laden with images typically requires 3 times as much storage space and Internet bandwidth as a text message. Spam volume is often viewed as a barometer for the relative security of the Internet community in part because most spam is relayed via “its” a term used to describe personal computers that online criminals have taken control of surreptitiously with computer viruses or worms. The more computers criminals control and link together in networks or botnets the greater the volume of spam they can blast onto the Internet. At any given time 3-4 million comprised computers are active on the Internet. Cyber criminals are expected to steal about $2 Billion this year with “phishing” scams that involve the use of spam and fake web sites to trick computer users to disclose financial and other personal data.

Another trend experts are seeing is the shift from of Internet criminal activity from nights and weekends to weekdays suggesting that on line crime is becoming a full time profession for many. Symantec, a top Internet security firm, reported that the bulk of attacks are now coming in Monday through Friday in the 9 to 5 workday timeframe.

The past 12 months also brought a steep increase in the number of software vulnerabilities actively exploited by criminals. Microsoft issued software fixes to 97 security holes that it classified as critical. In 2005 Microsoft only issued 37 critical updates.

Many security experts speak highly of Microsoft’s Vista their newest Windows application to be released in January 2007. However, some security vulnerabilities have already been identified in Vista including one in its new browser, Internet Explorer 7. Moreover experts believe businesses will be slow to switch over to Vista and even so Microsoft would still have to battle security holes in their legacy versions of its Office product.

Some software security vendors suspect that a new virus that surfaced last month called “Rustock B.” and viewed as on of the nastiest mal-wares ever seen may serve as the template for future malicious software.

Some symptoms of malicious software include:

• Poor computer performance, including slower response times and longer start up and shut down times
• Dramatic loss in Internet connection speeds
• Loss of hard disk space
• Web browser frequently closes for no apparent reason
• Browsers homepage resets and can’ t be changed
• New desktop icons and applications, like toolbars, suddenly appear
• Access to various computer security related websites is blocked
• Pop up ads appear even when the Web browser is closed

Suggested Antidotes:

• Install a firewall and anti-virus software
• Download security patches regularly
• Be aware of what you are installing and only download software from trusted web sites.