Security Experts Warn against Growing Cybercrime Underground Market

The recent years have witnessed significant increase in cybercrime.Attackers now use well-crafted e-mails and stealth to deceive users.Attackers regularly scan the cyberspace to collect valuable personal information and initiate target based attacks.

Albuquerque, NM (prHWY.com) January 28, 2011 - The recent years have witnessed significant increase in cybercrime. Attackers now use well-crafted e-mails and stealth to deceive users. Attackers regularly scan the cyberspace to collect valuable personal information and initiate target based attacks. Criminals extract relevant data from social and professional networking sites. Last year ZeuS Trojan and several variants were used to target employees working in the banking and financial industry. Sophisticated mechanisms are used to evade anti-virus solutions and safeguards in the IT perimeter.

The stolen information is used to steal funds or sold to their peers in the underground crime market. A recent report by security solutions provider Panda Security has found that cybercrime black market is witnessing expansion. One of the reasons for the growing black market is evolvement of new techniques, availability of automated toolkits and growth in malware such as Trojans, botnets and key loggers. The report indicates that number of malware strains identified has grown over 6 times in the last 7 years to around 60 million.

The new forms of malware help criminals in gaining access to credentials, stealing money and identity theft. Cybercriminals now function like an organized business spread over the world with members having different roles such as distribution of stolen information, committing fraud, providing illicit content servers, tech experts, information sale, conducting wire transfers and money laundering among others.

The underground cybercrime market operates as a continuous cycle of creating malware, identifying potential victims, inserting malware, stealing information, selling the stolen credentials and money laundering through money mules.Criminals take advantage of negligence in adhering to security fundamentals by Internet users to trick them into visiting well-crafted but fake websites or clicking on fake banking and social media links.

The black market which until a few years back was confined to selling credit card and banking information has expanded to include sale of physical credit cards, card cloners, fake ATMs, fraudulent bank transfers, card cloning, online payment accounts, fake online shops, counterfeit pay platforms, leasing spams and mail transfer protocols.Interestingly, they also provide trial offers and customer support. The prices range from as low as $2 for credit card information to around $35,000 for fake teller machines. The market has differential prices for cards originating from different countries.

Both businesses and individuals are targeted by cybercriminals. IT security awareness education may help employees to get an update on the security threats, safe online practices.

Banks may educate customers on the sophisticated threats through online training videos, tutorials and case studies.

EC-Council provides industry training and certification for information security professionals in ethical hacking among many other specializations. "Understanding how hackers exploit these vulnerabilities is a key requirement to hardening software and hardware. That is why EC-Council focuses on ethical hacking as an approach to information security evaluation" as stated by EC-Council's Senior Director, Steven Graham. EC-Council through its Certified Ethical Hacker program has trained such information security professionals from all over the world.

ABOUT EC-COUNCIL

The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates EC-Council University and the global series of Hacker Halted security conferences. The global organization is headquartered in Albuquerque, New Mexico.

Press Contact

Steve Graham
6330 Riverside Plaza Ln NW
Suite 210
Albuquerque, NM 87120
Steve.graham@eccouncil.org
505.341.3228

###

Tag Words: credit card, money laundering, money mules, fake atms, clone, threats, black market, tutorials, security awareness, online training, malware, security

Categories: Internet

Link To This Press Release:

URL HTML Code