Feeds

Cybercrooks ramp up recession-themed scams

DoJ Untouchables plan crackdown

High performance access to file storage

Cybercrooks have adapted to the global economic crisis with scams based on topical subjects such as refinancing or unemployment in a bid to reel in vulnerable marks.

A survey by brand protection firm MarkMonitor on four leading financial brands reveals that fraudsters are targeting vulnerable individuals looking for ways to keep their head above water during tough times economically. "Scammers are preying upon consumer hardship, demonstrating incredible creativity in combining technology, social engineering techniques and current events," said Frederick Felman, chief marketing officer at MarkMonitor.

As part of its Brandjacking Index exercise, MarkMonitor sifted through 134 million public domain records, countless web pages and billions of spam email messages searching for scams focusing on terms such as foreclosure, mortgage, refinance and unemployed.

It found numerous example of phishing and suspected domain squatting. More than 7,300 cybersquatted domains were located, 16 per cent of which were established after September 2008. Crooks registered domains that incorporated the name of the four targeted brands with "credit crunch relief" terms at the rate of more than one domain per day between September 2008 and April 2009, MarkMonitor reports.

Phishing attacks against the same four financial brands hit 10,000 during Q1 2009, a 36 per cent increase from the previous quarter.

Looking at phishing fraud more generally, MarkMonitor found that 93 organisations were phished for the first time in Q1 2009. Four in five (82 per cent) were financial brands.

Payment service providers, more even than banks and financial services firms, bore the brunt of scam email attacks, featuring in 42 per cent of scam emails. Attacks on social media websites trebled, albeit from a previously miniscule base.

In related news, US consumer watchdog the Federal Trade Commission is due to launch a campaign targeting recession-themed scams. Operation Short Change - more details on which are expected to emerge at a launch event on Wednesday - will also bring the Department of Justice on board in a law enforcement sweep "cracking down on frauds fueled by the economic downturn". ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts
Bloke behind the cockup says not enough people are helping crucial crypto project
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Experian subsidiary faces MEGA-PROBE for 'selling consumer data to fraudster'
US attorneys general roll up sleeves, snap on gloves
Oz bank in comedy Heartbleed blog FAIL
Bank: 'We are now safely patched.' Customers: 'You were using OpenSSL?'
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.