“The threats we uncovered last month”, explains GFI senior threat researcher Christopher Boyd, “illustrate the consistent reuse of tried-and-true attack methods slightly modified to target new groups of potential victims. Most cyber-attacks at any given time rely on old techniques deployed with a new disguise. The reason we see them again and again is quite simply because they work, and we anticipate 2012 to bring many fresh takes on old scams.”
One example of this new use of old tricks approach has been highlighted by David Harley. He describes a new Spanish lottery Nigerian scam written in Gaelic. GFI has also seen several new variants of fake anti-virus systems – scareware – that falsely warn users of non-existent malware infections. Scareware has been one of the most common threats for the last two years.
The GFI report notes that bank oriented phishing remains a consistent threat (see, for example, the FBI’s warning about the new Gameover Zeus variant). GFI also highlights the growing use of the Blackhole exploit kit by criminals. Amazon users are currently being tricked into visiting fake sites hosting Blackhole. This then takes advantage of any unpatched Windows operating systems. It downloads an infected PDF file that exploits a vulnerability in Adobe Reader to install further malware on the victim’s PC.
The solution, says Boyd, is user awareness to avoid the social engineering that lies at the base of most infections. “Knowing how cybercriminals operate and understanding how to recognize common attacks are the first steps toward keeping your PC clean and your personal information safe.”