WATCH OUT!!!…….it is possible that the computer you are using is providing a window of opportunity to the cyber criminals living probably a continent away, waiting to steal all that you have worked hard for. This article illustrates the grainy world of cyber crime and ways to protect yourself and your confidential information from being watched by cyber criminals. It also reveals attempts of the cyber police in trying to get a sharper picture of the actions of these criminals.

     Somewhere in St. Petersburg, Russia, a tiny start up has struck internet gold. Its dozen or so employees are raking well over $100 million a year from the world’s largest banks, including Wells Fargo and Washington Mutual. Their two years rise might be the greatest success story of the former eastern Bloc’s high-tech boom – if only it weren’t so illegal. The cash may be just coming from your bank account and they could be using your computer to commit their crimes.

     The enigmatic company named ‘Rock Phish’ by the security community has rapidly become a giant of the internet underground by perfecting a common form of internet crimes known as ‘phishing.’ The thieves capture people’s personal computers, and use them to send phony emails that trick other users into revealing private financial information.

     During the past few years a professional class making a living out of stealthy online fraud has transformed internet crime, rendering obsolete the hobbyist hackers who sought fun and games. These people are like ghosts in our web browsers, silently taking over our computers, stealing digital bits and turning our data into cash. They’ve created a sophisticated, cyberspace shadow economy; government and research firms estimate that this (shadow economy), costs us billions of dollars annually. The crimes and their effects are disturbing, but the greater concern is the failure of corporations, governments and the average citizen to comprehend the mounting threat and to fight back.

      A few terms being used in the world of cyber crimes which could help increase the awareness amongst victims and future victims include the following. Bot-herdes are those who control the armies of computers called botnet. Botnet is a robot network or collection of zombie PCs installing malware on people’s computers. Drive-by download is when a malicious code is automatically installed on the user’s PC from a website he/she visited. Spam is unwanted emails sent to users forcing them to buy something, or to reveal information. Trojan is malicious software disguised as a graceful program. Virus is a computer code that infects a file then takes action and spreads when the user opens that file. Worm is a self replicating program that transfers itself between PCs, often clogging the network as it spreads. Phishing is sending false emails that appear to come from trusted entities.

    According to the computer security company, Symantec, the number of malicious software or malware, tripled in the first half of this year, compared to the previous six months. Also, the number of phishing websites spotted in the first three months of 2007 by security software maker MacAfee, skyrocketed by 784% compared to the previous year. These attacks cost people a lot of money – at least $200 million was lost by 200,000 people last year in online frauds. That makes it $724 per person. Businesses are hit even harder; average annual losses from security incidents doubled to $345,000 per company in 2007. In 2006 the total cost to American businesses from cyber crimes was $67 billion.

     The internet has handed post modern swindlers an endless supply of marks and cheap tools to attack millions with a single click. In phishing, the most common and successful scam to make people reveal their passwords and account information are false emails that purport to come from the bank which the criminals use to pilfer money from bank accounts. Among the many cyber criminals out there, Rock phish is the most successful, well organized, and largest group. It makes its emails look professional by putting up fancy logos and fonts that mimic the legitimate messages sent by targeted companies, it fools anti span programs by hiding the phish inside an image instead of typing it as a text; it even wrote soft wares that created series of websites with slightly altered names, avoiding detection by spam-blockers on the lookout for one single link showing up repeatedly in emails. Moreover, it conducts campaigns in English, French, German and even Dutch to expand its frame of targeted audience.

Recommendation: criminals are increasingly hiding their malware within apparently safe sites and to prevent yourself from being a cyber crime victim there are a number of precautions to be followed: make sure your operating system’s automatic updates and firewalls are turned on. Use anti virus and anti spy ware software. Run a full system scan at least once a month. Do not open attachments or click on link emails from people you don’t know. Use passwords with at least eight characters, including numbers and symbols; remember to change passwords regularly. Access the internet through a router because it creates an implicit firewall for you, preventing bots from accessing your machine directly. Do not use the same password for every account. Never connect to the internet using a wireless connection without a password. Also, never send sensitive information to websites that do not begin with “https”, because this indicates that they aren’t secured. And last but not the least, when you receive an email, think about whether it’s really from the purported sender rather than an imposter before taking any action because we cannot be 100% secure and safe, but precautions lower the effects!