Deprecated: Function create_function() is deprecated in /home/hidefide/public_html/blog/wp-content/plugins/wr-pagebuilder/core/core.php on line 127
{"id":120,"date":"2011-07-05T12:23:24","date_gmt":"2011-07-05T12:23:24","guid":{"rendered":"https:\/\/icaruspressblog.wordpress.com\/?p=120"},"modified":"2019-04-17T12:22:41","modified_gmt":"2019-04-17T12:22:41","slug":"spam-reduced-targeted-attacks-on-the-rise-cisco","status":"publish","type":"post","link":"https:\/\/hidefideas.com\/blog\/2011\/07\/05\/spam-reduced-targeted-attacks-on-the-rise-cisco\/","title":{"rendered":"Spam Reduced, Targeted Attacks on the Rise: Cisco"},"content":{"rendered":"

$\"cyber-warrior\"$
\n<\/strong>Recent activity indicates a significant reduction in spam levels, but no one should find comfort in this news. Spammers are making it personal, a new report from Cisco suggests, and at fault may be the law enforcement community for taking down the likes of Rustock and other botnets<\/a>.<\/p>\n

If email spam is a recurring nightmare from which you cannot seem to wake, read on. At the half year mark of 2011, some seemingly good news has poked its head over the horizon, with the promise of a brighter future. Unfortunately, the news isn\u2019t all good; in fact, like spammers, it\u2019s a little deceiving.<\/p>\n

According to a new (June 2011) report published by Cisco Security Intelligence Operations (SIO) entitled \u201c Email Attacks: This Time It\u2019s Personal<\/a>,\u201d cybercriminals are dumping the \u2018throw it against the wall and see if it sticks\u2019 approach of indiscriminate spam, so much so that Cisco\u2019s reports the, \u201cannualized cybercrime business activity caused by mass, indiscriminate email attacks has declined by more than half.\u201d The report goes on to state that the volume of overall random spam in the past year has declined by more than 80 percent, a figure that sounds a little on the high side, but no one can deny that spam volumes have dipped<\/a> since the Rustock Botnet<\/a> takedown in March.<\/p>\n

Cisco SIO reports that the financial impact of this decline is significant.<\/p>\n

\u201cCisco SIO estimates that the cybercriminal benefit resulting from traditional mass email-based attacks has declined more than 50 percent: from US$1.1 billion in June 2010 to $500 million in June 2011 on an annualized basis.\u201d<\/p>\n

The direct impact of spam emails is even greater, down from 300 billion spam messages a day in June 2010 to 40 billion a day in June 2011.<\/p>\n

Generally speaking, people continue to be smart enough to recognize a scam when they see one, but interestingly enough, those who aren\u2019t are getting taken for more money. While Cisco SIO reports that the average user continues to be smart enough not to click that link, resulting in low user conversion rates (the amount of people who actually end up getting fleeced), that this figure \u201cis partially offset by increases in the average user spending on conversions.\u201d Cisco SIO attributes this increase in the spam artists using personalization tools, better-crafted scams and more effective malicious attacks, and reports that the level of personal information being divulged has resulted in larger paydays for the scammers.<\/p>\n

So how much does an errant click cost? $250, according to the report. Cisco SIO explains the methodology used in arriving at this figure:<\/p>\n

\u201cThis amount is in line with the low-end estimate of recent publicly disclosed scams and malicious attacks. For instance, in June 2011, the U.S. Federal Bureau of Investigation (FBI) announced a scam email directing recipients to send $350 to obtain a Clearance Certificate or else legal action would be taken against the recipient.\u201d<\/p>\n

Now for the bad news: even though random email spam has experienced a large decline, the amount of money being made by the scammers has quadrupled. Using the estimates explained above, Cisco SIO reports that \u201cscams and malicious attacks (as a sub-category of mass attacks) have grown from US$50 million to US$200 million over the last year on an annualized basis.\u201d<\/p>\n

Oh, the Irony!<\/strong><\/h2>\nIn what feels like a \u2018why did they kick the hornets\u2019 nest?<\/a>\u2019 moment, the Cisco SIO report explains how, in the past year, the face of global cybercrime has morphed into something different, and quite possibly, more dangerous. \u201cStarting in 2010 and continuing into 2011, the criminal ecosystem has been changing dramatically. Law enforcement authorities and security and industry organizations worldwide have been collaborating to shut down or limit the largest spam-sending botnets and their associates. SpamIt, a large spam-sending affiliate network, ceased operations in October 2010 after its database was leaked and Russian police pressed charges against its owner. Major botnets were severely curtailed or even shut down, including Rustock, Bredolab, and Mega-D.\u201d The end result? \u201cBy disrupting the financial and technical business models of key cartels,\u201d Cisco SIO reports, \u201cthreat volumes have declined in favor of more lucrative activities.\u201d<\/p>\n
Oh, the humanity! If what this report states is true (and it sure sounds about right), then by deposing the former ruler \u2013 the incessant glut of email-pushing online pharmacies, instant university degrees, Internet casinos, and secret fortunes waiting to be smuggled out of some foreign country \u2013 in its place the law enforcement community has established a new despot: the smarter, more focused scammer!<\/p>\n
Evolutionary Change and Survival of the Craftiest<\/strong><\/h2>\n
In fact, Cisco SIO reports:<\/p>\n
\u201cas part of the evolution of the criminal ecosystem, [the growing number of scams and malicious] attacks are becoming highly focused.\u201d<\/p>\n
Scammers are taking greater care in their approach as they carry out schemes designed to rob people of their hard-earned Benjamins. They\u2019re taking to other means \u2013 such as SMS<\/a>, social media like Facebook<\/a>, Twitter<\/a> and Tumblr<\/a>, the tried-and-true telephone scam<\/a>, and even eBook readers<\/a> \u2013 and they \u201care choosing their targets with greater care, using personalized information such as a user\u2019s geographical location or job position.\u201d Examples of these scams, Cisco SIO reports, are:<\/p>\n
\n
SMS financial fraud scams to specific locales<\/li>\n
Email campaigns that use URL shortening services<\/li>\n
Social media scams, where the criminal befriends a user or group of users for financial gain<\/li>\n<\/ul>\n
Spearphishing is on the rise and has experienced its own evolution, Cisco SIO states:<\/p>\n
\u201cSpearphishing attacks are aimed at a specific profile of users, often high-ranking organizational users who have access to commercial bank accounts. Spearphishing attacks are typically well crafted; they use contextual information to make users believe they are interacting with legitimate content.\u201d<\/p>\n
If the cyber scammers are getting smarter, then it\u2019s imperative that we, too, evolve. Cyber criminals made $150 million this year from spear phishing<\/a>, according to Cisco, and that kind of return on investment speaks for itself. Spam won\u2019t go away<\/a>, ever. But like a nasty super virus that evolves and mutates into an antibiotic-resistant strain, spam marches on, even if it\u2019s only to the beat of a new drum.<\/p>\n","protected":false},"excerpt":{"rendered":"
Recent activity indicates a significant reduction in spam levels, but no one should find comfort in this news. Spammers are making it personal, a new… <\/p>\n","protected":false},"author":3,"featured_media":113,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[13,14],"tags":[11,9,10,8,7],"class_list":["post-120","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","category-spam","tag-allspammedup","tag-bot","tag-botnet","tag-malware","tag-spam","jsn-master"],"_links":{"self":[{"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/posts\/120","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/comments?post=120"}],"version-history":[{"count":3,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/posts\/120\/revisions"}],"predecessor-version":[{"id":1851,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/posts\/120\/revisions\/1851"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/media\/113"}],"wp:attachment":[{"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/media?parent=120"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/categories?post=120"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/tags?post=120"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}