Filtered By: Scitech
SciTech

Cybercriminals turn to Google+, security firm warns


Barely one month old, all eyes —including those of cybercriminals— are on Google’s latest foray into the social network community, Google+, as predicted by security software company Kaspersky Lab. Kaspersky Lab expert Maria Namestnikova said in their June 2011 Kaspersky Lab Spam Report that there could be a surge of spam in the coming days that are linked to Google+ as indicated by spammers trying to exploit growing interest in the new social networking service. Targeting Google+ is an obvious move considering that two social networks, Facebook and Habbo, have likewise seen increases in phishing attacks for the month of June. “We expect an increase in unsolicited emails exploiting the new Google social network. They will most likely contain both phishing links and malicious code," said Maria Namestnikova, senior spam analyst at Kaspersky Lab. Namestnikova said that in June, phishers again tuned in on Google, which posted a 2.5 percent share in all phishing emails. Google’s Orkut social networking service accounts for about 0.08 percent of all phishing traffic for this month. While this is a small figure, it already shows the potential of Google+ as a target for phishers. Google+ integrates several existing Google services, as well as new ones. Since its creation last June 28 on a limited basis, the service has already reached 20 million users, according to comScore. Meanwhile, Kaspersky Lab reported that the rank among the targets of phishing emails for June remains unchanged. Among the top targets are PayPal (44.73 percent), eBay (9.54 percent), Habbo (8.54 percent), and Facebook (6.67 percent). The most common type of phishing spam being sent is related to computer fraud, which accounts for 29 percent of all phishing traffic. Namestnikova warned that this means that the intention is to extort money from would-be victims. Some of these phishing emails also contained malicious codes. Apart from computer fraud, phishing emails related to health-related services and products are the second leading cause of phishing traffic. This is followed by personal finances (12.1 percent), other goods and services (9.6 percent), and fake designer goods (5.3 percent). Russia and the US remained as countries where malicious software such as fake antivirus was detected most frequently in mail traffic. Russia was at the top with the amount of blocked emails with malicious attachments (14.16 percent), though this decreased slightly from the previous month. The US, which ranked second, reported 10.56 percent in mail traffic with fake antivirus. It also reported a very slight decrease of just 0.3 percentage points from the previous month. Meanwhile, the top five malicious programs distributed via mail traffic in June 2011 were Trojan-Spy.HTML.Fraud.gen (7.6 percent), Email-Worm.Win32.Mydoom.m (6.21 percent), Trojan.HTML.Fraud.fc (3.62 percent), Email-Worm.Win32.Bagle.gt (2.99 percent), Packed.Multi.MultiPacked.gen (2.66 percent). “As we have already mentioned in previous reports, Mydoom.m andNetSky.q are malicious programs whose only functions are to harvest email addresses and to send copies of themselves to these addresses. Bagle.gt is yet another mail worm, but with more sophisticated functionality: it not only collects email addresses and sends a copy of itself to all email addresses harvested from the victim’s machine but downloads malicious programs itself from Internet resources," Namestnikova said. Among the highlights of the Kaspersky Lab June 2011 Spam Report are news related to anti-spam campaigns and legislation. For instance, in June, the Japanese parliament passed an important law that makes the creation, distribution, purchase, and storage of malicious programs as well as the distribution of pornographic spam a criminal offence. In Russia, notorious spammer Leonid Kuvayev attended a hearing on June 7 in which he was accused of sexual crimes against minors. On June 23, pharmaceutical spammer Pavel Vrubelevsky, was arrested on 23 June at Sheremetyevo airport. Vrubelevsky is known as the one who ordered a distributed denial-of-service (DDOS) attack on the Russian e-payment system Assist in July 2010. — Newsbytes.ph

LOADING CONTENT