A mystery valentine or a dangerous liaison?

Internet Security Systems, Inc (ISS) revealed today that the number of dating sites across the world has increased by 17% within the last 12 months. The company believes this rise is partly attributed to the increase in malevolent Web sites used by developers of malicious code as an opportune moment for phishing, spam and hacker attacks on unsuspecting victims.

The top five countries with the highest increase in dating Web sites over the past year are the US with 42.9%, Germany with 20.2%, China with 8.9%, the Netherlands with 7.9% and Russia close by with 7%. Interestingly, the UK reaches the top eight with an increase of only 1.8%.

"South Africa and Africa is not an exception. As English-speaking countries, we should be fully aware that we are targeted in the same way as America and Europe," says Jorina van Rensburg, CEO at Condyn. "It is important for organisations to ensure their users are educated and protected against these threats, especially on Valentine`s Day as people enjoy the spirit of the day, and tend to open and forward messages and links to colleagues, clients, friends and family.

"Organised criminal units have in the past timed their attacks to coincide with popular celebration occasions in order to achieve maximum success in compromising the integrity of computer systems," said Gunter Ollmann, Director of X-Force at Internet Security Systems.

"It is anticipated that Valentine`s Day is a day that is similarly marked on the criminals` calendar for targeted attacks."

In the weeks running up to Valentine`s Day, many phishing e-mails will do the rounds that promote love or dating opportunities. Organised criminals use this method to lure users to visit specifically designed and prepared Web sites, which are used to infect the victim`s PC with worms, viruses and Trojans. This allows the criminal gang to gain control of systems or access confidential information such as usernames, passwords, or bank account information and credit card numbers.

"Attacks from hackers will take many forms but, based upon previous observations by ISS, will most insidiously utilise e-mail to deliver spam with a Valentine`s Day message containing embedded malicious URLs. These messages will be designed to drive their intended victims to Web sites that will attempt to install spyware and other malware on the victim`s computer," added Gunter. "These criminal organisations tend to use advanced spyware propagation techniques that utilise exploit code to bypass local security settings and install the payload on the user`s computer."

In order to protect against these kinds of attacks, ISS recommends that computer users follow the following guidelines:

* All the latest security patches and updates are applied to all software on the computer. While Microsoft update can be used to patch the operating system, users should also make sure that other packages such as Microsoft Office and ActiveX components within popular Web browsers (eg Shockwave Flash, QuickTime, etc) are similarly updated.

* Don`t attempt to open any attachments that come via e-mail, instant messenger, or other file sharing network unless you can positively verify the source. Many worms and viruses propagate by compromising one computer and sending e-mails to everyone listed in the address book on the computer. Therefore friends and colleagues will receive an e-mail supposedly from someone they trust - only to be fooled into opening a dangerous attachment.

* Make sure that all desktop protection software is fully up to date and has the latest signatures installed.

* ISS offers Proventia Web Filter. Proventia Web Filer blocks unwanted Web content, optimises Internet access for employees and prevents any kind of non-work-related Internet use. This way, businesses are protected, employee productivity is increased and legal liability through use of illegal private "surf trips" at the workplace is reduced.