G DATA Software AG: Antivirus, Virenschutz, Virenscanner, Internet Security

Bochum (Germany), 15 April 2008 - Every year cybercriminals cause damage running into the billions through the theft, sale and misuse of stolen data. Here the fraudsters rely on different ploys to get hold of specific information or steal complete online identities from their victims. Classic phishing mails, the dinosaurs in the e-crime emporium, are part of the criminals‘ standard repertoire. According to Ralf Benzmüller, Head of G DATA Security Labs, pharming and crimeware are the most successful alternative concepts used by fraudsters. In the latest G DATA Whitepaper "New Forms of Data Theft" dealing with the new forms of data theft, the security expert offers insights into the tricks and tactics of cybercriminals.

For such gangs stealing and selling data is one of the most profitable business models there is. These fraudsters have been in business for years, and the members of the Cybercrime Generation stopped restricting their activities to the theft of online banking data long ago.

"Many users still vastly underestimate the value of their personal data. In general there are virtually no applications that cannot be misused or turned into hard cash. Prices vary wildly here and depend on the quality of the data. Data packages of several hundred megabytes containing unsorted personal details can already be had for 60 euros on the black market. This may involve access data to email accounts, Paypal payment details or online banking information", comments Ralf Benzmüller, Head of G DATA Security Labs.

Over time we have seen major changes in the tricks used by data thieves. Classic phishing mails are just one of the ploys used by the criminals to lure their victims to bogus Internet pages. "Correctly entering the domain is no guarantee whatsover that you will end up on the web site you are after. Thieves divert their victims to phoney Internet pages by breaking into DNS servers or using special malware on infected computers. Even experts can barely distinguish them from the real thing. Data entered on such sites are automatically forwarded to the criminals," says Ralf Benzmüller.

Crimeware - the criminals‘ most effective weapon
But a wide variety of protective mechanisms and progressive education about phishing mails is now taking effect, forcing online criminals to adopt new tactics. Today most phishing attacks involve

Trojan horses. The special programs are often "disposable", i.e. designed to be used only once and to then self-destruct after successful transmission of the data.

Smart malware such as Bancos variants or Nurech manipulate the content of the web sites called up and insert their own form fields - or even entire web pages. The culled data are sent to both the attackers and to the authentic web servers. Such scams operate entirely unnoticed by the victims, who only discover what has happened when money is siphoned off from their account.

Education and protection
The adoption of efficient security solutions combining antivirus, antiphishing, firewall and spam protection should be obligatory for users. The results of G DATA‘s 2008 large-scale security survey in February 2008 showed an unsatisfactory state of affairs - almost half of all PC users are surfing the Net without protection, thus making themselves easy prey for data thieves.

Failing to take the issue of data security seriously and a lack of knowledge about the tactics adopted by online criminals allows members of the e-crime society to pull off their dodgy affairs with aplomb.

Crimeware Top Five:
Every day new variants of data spyware make their appearance. Here is a list of the most common ones.