Friday, June 4, 2010

Online Malware Trade Dubbed ‘Fraud-as-a-Service’

Fraudsters have gotten so efficient at creating, selling and deploying malware that one major Internet security firm now calls it “fraud-as-a-service.”

Like legitimate software-as-a-service, the computer tools are offered through their underground industry in an increasingly commoditized fashion, according to RSA, The Security Division of EMC.

The firm–which claims to have shut down almost 300,000 phishing attacks and protects more than 300 organizations–said that its latest analysis found compromised e-mail addresses at 60% of the Fortune 500 companies and that fully 88% of the domains used by those same companies had been infected to some extent by the Zeus keystroke-logging Trojan alone.

Credit unions, however, seem to be falling out of favor a bit with phishers, drawing only 4% of attacks on U.S. financial institutions in March, down from 22% in March 2009 and compared with 57% on national banks and 39% on regional banks, RSA said.

No comments: