Tuesday, February 15, 2011

Don’t let cybercriminals stump you online!

INDIA: The upcoming cricket World Cup 2011 has generated huge excitement not only among fans in India and across the world, but cyber criminals as well. Symantec has observed that big-ticket sporting events open up a vast playing field for attackers and the cricket world cup is no exception.

What’s different this time, however, is that we anticipate more sophisticated and targeted attacks, particularly against Indian users since the tournament will take place in the subcontinent.

With Internet usage in India growing rapidly (McKinsey estimates that the number of Internet users in India will grow fivefold by 2015 to 350 million), and the fact that tickets to matches are selling out very fast, cybercriminals are focusing their efforts on luring Indians with attractive ticket offers. Tactics used include spam campaigns, black hat search engine optimization (SEO), the injection of code into
legitimate websites, and malicious advertisements.

Watch out for fake tickets in PDF: These tricks, however, are likely to be “blended” threats, where spam emails and fake websites promoting cricket-related goodies can cause users to download malware on their systems. For example, emails with PDFs of tickets attached are a common vector.

Symantec’s Internet Security Threat Report XV revealed that the top web-based attacks involved applications that process PDF files, accounting for nearly half of the total attacks. This was a sizeable increase from just 11 percent the previous year. This attack is popular due to the common use and distribution of PDF files on the Web, and also because they can be executed across PCs, laptops and smartphones.

Search, and a cybercriminal may find you: Once the tournament begins, Indians are also likely to closely follow the matches online, searching for scores and updates. Cybercriminals know this; watch out for search engine results for terms like “World Cup”, “Cricket”, “Score” or “Cricket Schedules” that throw up malicious sites which can infect a user without his knowledge.

Rise in malicious websites: Websites that are set up for phishing attacks or to deliver malware, luring users by mimicking legitimate sites with a high degree of accuracy, may also increase. Symantec detects almost 4.4 million malicious web pages per month, according to the latest Attack Toolkits and Malicious Websites report. Symantec also observed more than 310,000 unique domains that were found to be malicious. Expect an increase in these sites using cricketing terminologies during the period of the world cup.

Website owners need protection too: This poses a threat not only to users, but also legitimate businesses that sell tickets and other World Cup gear online. Website that sell tickets and ask for financial or personal information should also be protected by SSL certificates and provide visible trust marks to verify their authenticity.