12 Jan 2011

Hackers phish for files

Last year saw a substantial growth in both consumer and enterprise data breaches. According to the Identity Theft Resource Center, 662 breaches occurred in 2010, up nearly 33 percent from 2009.

More than 16.1 million records were exposed as a result of 662 breaches.Cyber criminals are targeting government officials and employees of powerful companies.
 

One method of wreaking havoc is using the spear-phishing attack.Opposed to traditional phishing attacks, where only 1 to 3 percent of people fall for the scam, spear-phishing hits 20 to 30 percent, according to Brian Krebs to SecurityNewsDaily.

"Spear-phishing is a present and constant threat to high-value targets in the U.S. and other governments, as they are a prime target of this type of attack.” Chinese hackers have already been successful against U.S. State Department employees while the U.S. and China engaged in climate change talks in 2009.

Hackers attempt to display a sense of urgency in the messages. Wanting the recipients to open or download a file instead of asking for information, makes the success rate much higher as the hackers attempt to place malicious hardware into the PC.