Symantec Report Triggers Alarm

FOR IMMEDIATE RELEASE
(Free-Press-Release.com) October 8, 2006 -- The latest Internet Security Threat Report released by Symantec shows that it is none other than home users, who are being increasingly targeted by attackers for identity theft, fraud, and other financially motivated crimes.

The report, which covers the six-month period between Jan 1, 2006, and June 30, 2006, underlines that home users are the most attacked group, accounting for 86 percent of all targeted attacks, to be followed only by businesses based on and around financial services.

The major vulnerabilities noted are: those affecting Web applications that account for 69 percent of all vulnerabilities documented; and those affecting Web browsers - with 47 such vulnerabilities found in Mozilla, 38 in Microsoft Internet Explorer, and 12 in Apple Safari.

Symantec's report indicates that most phishers are attempting to bypass filtering technologies by creating multiple randomized messages, and distributing these messages in a broad, uncontrolled fashion. Also, most spammers are opting to exclude malicious code so as to decrease chances of being blocked, and instead opting for links to Web sites that host malicious code.

Meanwhile, the motivation behind most of the threats remains financial gain, as is found that bot networks are being used, also to send spam/phishing messages, download adware/spyware, and attack organizations to harvest confidential information.

Yet other financially motivated attacks are using modular malicious code, which is malware that updates itself, or downloads even more aggressive threats, upon establishing a stranglehold on the host. In fact, the report shows 79 percent of the top 50 malicious codes, as being modular malicious code.

Further, the findings suggest that Microsoft Internet Explorer's average window of exposure is nine days, down from 25. Whereas, Apple Safari's window of exposure is five days, up from 0; that of Opera is two, down from 18; and Mozilla's is one, up from negative two.

As regards time to patch flaws, Sun at 89 days, takes the longest to do so; followed by HP at 53 days; Apple at 37 days; and Microsoft and Red Hat each taking only 13 days' time.

Of the top 10 "new security risks," three are in the nature of misleading applications that give false/exaggerated reports of security threats facing users, thus forcing them to either pay money, or upgrade to a version publicized to be 'removing threats found'.

And, basis this report, Symantec also expects to see certain trends in the future, including a resurgence of polymorphism and other evasion techniques in Win32 malicious code; an increase in threats exploiting "Web 2.0" concepts; an increase in Vista-related threats; etc.

Fraud     home users     IDENTITY THEFT     internet security threat     norton     symantec