With the Yuletide season in full swing, shoppers everywhere are busy buying items for everyone on their shopping list. While this brings profits for most retailers, there’s another group that tries to profit as well — cyber criminals.
It’s well known that malware infection rates rise significantly during the last few months of the year. For example, Trend Micro’s own global malware infection count in 2007 rose more than fivefold from September to December. The localized counts for Britain, Germany, and Japan all showed similar patterns. Currently, our data for 2008 shows the same pattern, which would put the infection count by year end at record highs.
This increase is no coincidence. Internet users are more likely to have shopping on their mind at this time of year — this means they are more likely to be looking for information on what items to buy, bargains, etc.
All of this creates additional opportunities for cyber criminals to illicitly make money during the season.
Attacks targeting would-be shoppers have taken some novel forms. Last year, cyber criminals were able to “poison” Google, leading those searching for christmas gift shopping to potentially be victimized by the gift of TROJ_ZLOB.ERT. Earlier this year, the same trick was used for halloween costumes, only this time the user got the trick (and not the treat) of Mal_FakeAV6.
Online shopping has its own risks that don’t show up with brick-and-mortar shopping. There’s the issue of online payments and shipping. It should be no surprise that both are exploited by cyber criminals. PayPal, one of the most popular means of online payment, has found itself the target of phishing attacks multiple times.
What about shipping? Variants of the ZBOT family of keyloggers have been spread via emails that claim the user has an undelivered package. The attachments which supposedly has the invoice actually contains the malware.
So, what can we expect this coming holiday season? To borrow a phrase, all of this has happened before, and all of it will certainly happen again. We can expect to see the same attacks — only more of them. We can also expect that the sophistication of these attacks will increase. Despite this, the Smart Protection Network will continue protecting users from any attack that may come this holiday season.