By Ryan Blitstein - San Jose Mercury News

Somewhere in St. Petersburg, Russia’s second largest city, a tiny startup has struck Internet gold. Its dozen-odd employees are barely old enough to recall the demise of the Soviet Union, but industry analysts believe they’re raking in well over $100 million a year from the world’s largest banks, including Wells Fargo and Washington Mutual.

Their two-year rise might be the greatest success story of the former Eastern Bloc’s high-tech boom — if only it weren’t so illegal. But the cash may be coming from your bank account, and they could be using the computer in your den to commit their crimes.

The enigmatic company, which the security community has dubbed “Rock Phish,” has rapidly grown into a giant of the Internet underground by perfecting a common form of Internet crime known as “phishing.” The thieves capture people’s personal computers, then use them to send phony e-mails that trick other users into revealing private financial information.

“Rock is the standard. They’re the Microsoft. Everyone else is a bit player,” said Jose Nazario, a researcher at security company Arbor Networks.

As big as Rock Phish has become, though, it is a sliver of a much larger problem.

photo credit: mcbarnicle

During the past few years, a professional class bent on stealthy online fraud has transformed Internet crime, rendering obsolete the hobbyist hackers who sought fun and fame. These Al Capones of the information age are like ghosts in our Web browsers, silently taking over our computers, stealing digital bits, and turning our data into cash. Take cyber-bite out of crime…

Vocabulary of cybercrime

Bot-herders: Those who control the armies of computers known as botnets.

Botnet: A “robot network,” or collection of zombie PCs, usually controlled by Internet crooks who have surreptitiously installed malware on people’s computers.

Drive-by download: A user visits a Web site containing malicious code that installs itself on the user’s PC.

Malware: Any computer software created with malicious intent.

Phishing: Sending e-mails that appear to come from a trusted entity (such as a bank or well-known company) that trick people into giving up personal and financial information.

Spam: Unwanted e-mails sent to users to get them to buy something, take an action or reveal information.

Trojan: Malicious computer software disguised as a useful program that tricks users into opening or installing it.

Virus: Computer code that infects a file or program, then takes actions and spreads when the user opens that file or program.

Worm: A self-replicating computer program that transfers itself between PCs, often clogging the network as it spreads. Read the rest…

That says it all, very scary indeed! For more great content, information and stories like this, please Join Us, Monday LIVE @ 11:00 MST for:

Your Online Security Authority  
Bill Wardell

Share

Popularity: 7% [?]

If you're a concerned parent, you may want to subscribe to the: OSA~RSS Thanks for visiting! and make sure to sign our OSA Guestbook...