RealTime IT News

VeriSign: Be Wary Online. Be Very Wary.

Internet commerce grew 13.2 percent in the past 12 months, according to a new report. Not bad.

But fraud grew faster.

The report, to be released Monday, said phishing attacks, in which fraudsters lure people to sites that mimic those of top retailers in order to steal personal information, have become more acute and global in nature.

VeriSign, an Internet infrastructure services provider, prepares its Internet Security Intelligence Briefing on trends in Internet usage, security, and fraud based on data it collects as the operator of the Domain Name System, as well as its SSL and PKI digital certificate business, and managed security and fraud protection services.

According to VeriSign, the total dollars transacted online by a sample of VeriSign merchant customers increased an average of 13.2 percent in this period. Internet domain registrations, which the company uses as an indicator of small-business growth, also expanded, with a 23 percent increase in registrations of domain names for active Web sites in the .com TLD, and 20 percent for .net.

But phishing is the really booming business.

In its report, VeriSign quotes statistics from research firm Gartner: Some 57 million Internet users received the phony "update your account" or "fraud alert" e-mails that are the bait in phishing schemes. And, on average, 3 to 5 percent of them bit the hook, went to bogus sites and disclosed personal and financial info.

Exploits and attacks also are moving ever more quickly, evolving far faster than e-commerce technology.

In the first half of 2004, VeriSign detected a rise in the number of security events per device, reaching a high of nearly 4,000,000 events during the month of March. While the POP3 Authorization overflow attempt was the top attack in the first quarter of this year, Telnet Server 2000 rexec password overflow attempts topped the list for the second quarter, with the former exploit dropping off the Top 10 list altogether.

The gap between when a vulnerability is announced and when it's exploited narrowed even more, VeriSign said. At the same time, worms have gotten wilier. According to the briefing, there was a noticeable increase in multi-vector worms that can simultaneously exploit several vulnerabilities in one attack and have a longer shelf life than single-exploit worms. The most effective and potentially damaging examples of this breed are called "phatbot," "agobot," or "gaobot."

Top countries by percentage of fraudulent transactions, determined by the origin of the IP address, were led by Cameroon, with 100 percent of transactions determined as risky. Following Cameroon were Nigeria (96 percent), Indonesia (93 percent), and Slovenia (92 percent).