Unlike phishing, Trojans are invisible. They can reside on a computer undetected for months at a time, capturing bank credentials and sending it directly to the fraudster, says Uri Rivner, head of New Technologies, Identity Protection and Verification at RSA, the security division of EMC.
Rivner will describe how simple it is to become a successful online fraudster, and explore the global underground cyber-crime movement, at the ITWeb Security Summit 2009.
He has spent more than eight years researching online fraud and developing technologies to prevent it. Rivner joined RSA at the end of 2005, through the acquisition of Cyota, where he served as VP of international marketing, global channels and business development.
“When I started in this business 10 years ago, I had the assumption, like most people at the time, that online fraud is a one-man operation. Now we understand that this is far removed from the actual truth. Online fraud is an entire economy - it's so much more than a single group,” says Rivner.
According to Rivner, online fraud using Trojans is divided into two parts - the cyber-criminals responsible for stealing and collecting the data via Trojan software, and fraudsters cashing in the accounts using the stolen information. Other mechanisms being used to acquire personal information are phishing attacks, and ATM scanner devices to get credit card information from unsuspecting victims.
Any kind of financial vehicle that can be emptied and monetised is at risk, says Rivner: “Phishing has been around for a very long time and it's still a mainstream tool for fraudsters. However, it's diversifying. We are seeing an increasing trend, where government Web sites and financial institutions are being targeted.”
Cyber-criminals no longer rely on a simple e-mail embedded with a Trojan or phishing attack, he notes, as people have become more aware and there are more advanced anti-virus solutions on the market. Cyber-criminals increasingly target social networks such as Facebook, Classmates.com, MySpace and YouTube by infecting the sites with Trojans.
Online fraud 101
“These days it's getting easier to launch a Trojan attack. You can purchase Trojans off the Internet via an underground Web site that acts as a control system for the Trojan. You pay a subscription and start collecting credentials. It's as easy as that; you don't even have to download it. You don't have to be that technical to do fraud these days, and that's something we should worry about.”
The good news, says Rivner, is the industry is deploying a lot of technologies to fight these Trojans: “Online banking fraud is still small compared to credit card fraud, which has been going on for years. The actual damage from online fraud is growing at a staggering rate, but it's only about 20% of traditional credit card fraud. The technologies being deployed are working on an adaptive manner by using detection and shutdown services using visible and invisible security solutions.”
Related stories:
Is open source safer?
Privacy not a guarantee
Speakers reveal top security issues
Top black, white hats at Security Summit
ITWeb Security Summit 2009
Share