• Press Releases
• • 2009 Archive
  • 2008 Archive
  • 2007 Archive
  • 2006 Archive
  • 2005 Archive
  • 2004 Archive
  • 2003 Archive
  • 2002 Archive
• Events
• In the News
• Media Contact

Press Release

Cyveillance Testing Reveals Online Attacks Targeting New Brands are Up 50 Percent with an Emphasis on Quality not Quantity

Fraudsters’ focused attacks capturing more lucrative personal data

ARLINGTON, Va., February 24, 2010 -- Cyveillance, a world leader in cyber intelligence, today announced that online criminals are garnering greater success with increased technical sophistication affecting a wider range of industries. With greater diversity and the use of targeted attacks, phishing remains one of the top threats on the Internet according to Cyveillance’s “2H 2009 Cyber Intelligence Report,” which was issued today.

“Cyber criminals are focusing their efforts on developing more sophisticated and targeted attacks rather than using a far reaching blanket approach, in order to reap greater financial rewards,” said Panos Anastassiadis, chief operating officer of Cyveillance. “From emails to social networks, online criminals have increasingly more information at their disposal and a growing array of attack vectors to appear credible and go undetected. Organizations must be more vigilant in proactively protecting themselves and cannot rely solely on traditional security measures to keep their infrastructure and sensitive information safe.”

While some research indicates that the volume of phishing emails has been decreasing, it is important to note that these attacks are targeting more varied industries with the intent on generating greater financial success. While banks and credit unions continue to be the top targets of phishers, governments and the technology and energy industries are now seeing growing numbers of attacks.  Cyveillance determined that during the second half of 2009, 399 brands were first-time targets of phishing attacks, nearly double the amount of first-time targets than in the first half of the year. Averaging over 36,000 confirmed, unique attacks per month in the same period of 2009, phishing attacks continue to succeed despite advances made in consumer education and added protections implemented by security departments within the targeted organizations.

In addition to the phishing and malware statistics, the report also includes test results on the ability of leading antivirus (AV) software to detect malware. When Cyveillance fed active attacks through 14 of the top AV vendor offerings, they identified that these solutions detect less than half of the malware found on the Internet, leaving users susceptible to infection. Furthermore, Cyveillance fed malware samples through six of the top AV vendor products to determine how long they would take to detect the threat. Cyveillance found that even after seven days to adjust to a new malware threat, AV software averages only reached roughly a 50 percent detection rate. Cyveillance plans to release a more in-depth report later this year, and will include detailed detection rates over a much longer period with a broader selection of AV vendors.

Phishing
Cyveillance identifies phishing as a social engineering scam that relies on both technology and human interaction to carry out online fraud and identity theft. The schemes are varied, but typically involve a spoofed (spam) email that mimics an email from a legitimate and respected organization in order to steal personal information, which is then used for online fraud, identify theft or unauthorized network access purposes. Fraudsters have also been successful using new approaches by targeting the energy industry for financial gain, sensitive information or even carbon credits. 

Malware
Cyveillance considers malware to be a file or application downloaded from a Website or server that exhibits properties that are both involuntary and malicious in nature. There are many types of malware, ranging from “bot” programs used to launch spam to denial of service (DoS) attacks to keyloggers and backdoor Trojan viruses used for stealing sensitive information. While all malware presents a threat, the variations used for financial fraud typically cause the most harm to consumers. 

All figures and statistics in the Cyveillance “2H 2009 Cyber Intelligence Report” are actual measurements rather than projections based upon sample datasets. The cyber intelligence included in this report includes data collected and analyzed between July 1, 2009 and December 31, 2009. For more information or to download the report, visit here.

About Cyveillance
Cyveillance, a world leader in cyber intelligence, provides an intelligence-led approach to security. Through continuous, comprehensive Internet monitoring and sophisticated intelligence analysis, Cyveillance proactively identifies and eliminates threats to information, infrastructure, individuals and their interactions, enabling its customers to preserve their reputation, revenues, and customer trust. Cyveillance serves the Global 2000 and OEM Data Partners – protecting the majority of the Fortune 50, regional financial institutions nationwide, and more than 100 million global consumers through its partnerships with security and service providers that include Blue Coat, AOL and Microsoft. Cyveillance is a wholly owned subsidiary of QinetiQ North America. For more information, please visit www.cyveillance.com or www.qinetiq-na.com.

Media Contact:
Tony Welz      
Welz & Weisel Communications
703-218-3555
tony@w2comm.com