SCCyberworld

Saturday, December 13, 2008

Don’t Let Cybercriminals Turn Holiday Cheers Into Jeers, Warns Trend Micro

The Top 10 2008 Holiday Web Threats ranked by Trend Micro

Kuala Lumpur — December 12, 2008 — The season of giving may come at a price as cybercriminals take advantage of one of the busiest online retail seasons of the year and rely upon various social engineering schemes and scams to lure unknowing users. Trend Micro threat researchers say that consumers who conduct their holiday shopping online either at work or at home may be putting both home and corporate networks at risk for Web threats, viruses and identity theft.

The volume and sophistication of Web threats make it imperative that multilayered, real-time protection is used to ensure online safety. The Trend Micro™ Smart Protection Network, which powers most of Trend Micro’s products and solutions, correlates Web and email threat data by using reputation technologies that compare threats against in-the-cloud threat databases. This unique type of cloud-client security infrastructure gives Trend Micro customers real-time protection against the latest Internet threats while they enjoy online activities to the fullest.

For holiday season online shoppers, Trend Micro™ Internet Security Pro checks the reputation of Web pages, blocking access to malicious sites before shoppers have a chance to access them and innocently give away their personal information or download potentially malicious code designed to steal their credit card or other valuable information.

The Top 10 2008 Holiday Threats ranked by Trend Micro’s global network of advanced threat researchers are:

10. Bargain-Hunter Scams
Discounts and special offers on popular items of the season are often used by malware authors to lure users into clicking malicious links and entering information into specially crafted fake sites. For example, the recent TROJ_AYFONE.A registered itself as a Browser Helper Object (BHO) on the affected system’s Internet browser to ensure execution each time the browser was opened. It displayed fake advertisements about the then-newly released Apple iPhone, as well as a fake Web site of an online store where it could be bought.

9. Fake Charity Sites
Give to the Red Cross! Help Hurricane Katrina victims! Cybercriminals are experts at exploiting calamities and tragedies. They also know that online users are more likely to donate to charities during the holiday season. Typically, spammers send out messages pleading with recipients for donations; generous users who open the message and click on the link to donate end up robbed of confidential information.

8. Greeting Cards That Bring Bad Tidings
Electronic cards or e-cards are often used by spammers and malware authors as a lure for users to click on malicious links. This type of attack usually takes advantage of holiday seasons, when users are likely to send out e-cards that are distributed through links placed within the spammed messages or as file attachments. Clicking the link or opening the attachment then leads to malware being downloaded onto the affected system.

7. Malvertisements: Malicious Advertisements
Everyone wants a good deal, and cybercriminals often use online advertisements and promos to distribute malware. Advertisements placed on high-traffic websites are often used as triggers for malware downloads. Popular sites such as Google, Expedia.com, Rhapsody.com, Blick.com, and even Myspace were rigged with malicious banner ads that contained malware.

6. Poisoned Christmas Shopping Search Results
Query results for certain strings of words can be rigged with malware. Malware authors exploit different seasons in choosing which strings will yield the malicious results. For example, in 2007, searches for the phrase “Christmas gift shopping” were found to yield malicious results leading to a wide variety of malware. Earlier this year, results for “Halloween costumes” were found to lead to a rogue AV, malware disguised as antivirus software.

5. Compromised High-Traffic Web Sites
Cybercriminals follow the masses – they target Web sites that are popular and have high traffic, especially during the holiday season as shoppers flood online stores, auction and ecommerce sites.

4. Mining Personal Data – Bogus Gift Card Promos
Users who fill out seemingly harmless online surveys in exchange for gift cards, cash, free items or special promotions are at risk for this type of attack. A compromised survey page is actually a phishing site and is part of a plot to steal confidential information.

3. Ecommerce Phishing
Cybercriminals usually launch a phishing attack with an email message that purports to be from a trusted source but, in actuality, contains a malicious link. That link then directs users to a “spoofed” Web site that looks real and legitimate but is fake. For example, eBay ranks among the most popular retailers; it is also the site where cybercriminals launch the most phishing attacks.

2. Bogus Courier Receipts That Deliver Trojans
Messages from popular couriers that signal package pick-up along with an invoice are infected with Trojans. Online shoppers awaiting delivery of a package are sure targets of this scam.

1. Shopping Invoices for Ghost Transactions
Fake receipts sent via email are infected with malware. When users open or click on the malicious receipt link, they are immediately vulnerable to identity theft. Even users who are not expecting an online purchase receipt may open the attachment anyway out of curiosity.

For tips on online safety during this holiday season, please visit: http://us.trendmicro.com/imperia/md/content/us/pdf/aboutus/20thanniversary/20tips_stayprotected.pdf
