New Cybercrime Scams
A couple of days after I wrote last week that we will likely see an increase in the incidence of cybercrime as the world weathers the recession, the Wall Street Journal, in its role as an actual news gathering organization, documented what some analysts are seeing.
The bulk of the story appears based on an interview with Avivah Litan of the Gartner Group as many of the facts in the store come from presentations I've seen Ms. Litan do at various Gartner conferences. She is, incidently, one of the most articulate analysts covering the cybercrime space. If you ever have a chance to see her speak...do. The story also contains some data from the FBIs Internet Crime Complaint Center, but as it dates from , it doesn't really shed much light on what's happening currently.
The most interesting part of the story for me is the description of "spear phishing" in which specific individuals are sent pitches to which they're very likely to respond based on their profession or role within their company. The classic case here is sending a CEO or other executive an email indicating they're being called to testify in court. The target then clicks on the link to learn when/where to appear and their machine is infected with malware of some kind.
There's also a brief description of some of the tactics being used to leverage both IP phones and the increase in traffic on job boards to trick people into downloading malware or worse. The best defense against the growing array of scams being perpetrated is a combination of current malware protection tools on your PC, staying educated about what scams are "hot" and an inherent skepticism of any email, phone calls, or IMs from addresses you don't recognize. Even in combination it's not foolproof, but it's better than the alternatives.