More phishing attacks and bot networks likely in 2005

Share this article:

The next year will bring more phishing attacks and bot networks as cybercriminals look for quick profit, Symantec researchers predict.

The second half of 2004 saw an increased use of networks of bots - compromised computers - to send spam, launch denial of service attacks or extortion schemes. The trend likely will continue in 2005, Vincent Weafer, senior director of Symantec Security Response said in an interview.

"We are seeing these systems being used increasingly for cybercrime," he said. "What's happening is the increasing influence of a group willing to pay money for zombie systems and exploits - for things that will make them money, such as getting passwords or cleaning out accounts."

This year only saw the "tip of the iceberg" when it comes to phishing scams, said Weafer. Smaller ecommerce sites will become targets next year and phishers will use increasingly sophisticated techniques to dupe users.

Weafer said unlike virus writers, who often aim to demonstrate new techniques, phishers simply want to use what works. So they'll continue to solicit people via email. But in the next two to four years phishers may start using instant messaging or voice over IP in an attempt to get people to visit bogus web sites and divulge sensitive data.

Malware in the form of mass mailers will continue to surface in 2005, but are on their way out, said Weafer.

"It's more effective for someone to use a network infector or a multi-infector, such as phishing, than a mass mailer," he said, adding that many organizations have rolled out technology to defend against mass-mailer types of malware.

Finding it difficult to break through perimeter defenses, attackers are increasingly focused on the client, Weafer said: "They're focused on the PC as the weakest link."

www.symantec.com
Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in News

Sign up to our newsletters

TOP COMMENTS

More in News

ISSA tackles workforce gap with career lifecycle program

ISSA tackles workforce gap with career lifecycle program ...

On Thursday, the group launched its Cybersecurity Career Lifecycle (CSCL) program.

Amplification DDoS attacks most popular, according to Symantec

Amplification DDoS attacks most popular, according to Symantec

The company noted in a whitepaper released on Tuesday that Domain Name Server amplification attacks have increased 183 percent between January and August.

Court shutters NY co. selling security software with "no value"

A federal court shut down Pairsys at the request of the Federal Trade Commission.