Cisco, Panda Identify Cybercrime Trends

The cybercrime landscape is continuing to evolve--with the emergence of advanced persistent threats as the most potentially damaging and, given the volume, the most threatening, says Mary Landesman, market intelligence manager at Cisco. Together with data theft and trojans, advanced persistent threats (APTs) are the main dangers, according to the company's annual security report for 2010. Although primarily gathered from large enterprises, the data offers guidance for organizations of all sizes, says Landesman.

For instance, one of the most insidious threats for small businesses is called reshipment. The perpetrators deliberately target small businesses because they're hungry for business and typically don't have the resources to vet the orders, says Landesman. A large order is placed with the business, and as soon as the order is shipped, the perpetrators contact FedEx and reroute the shipment, typically several times. "By the time the credit card is rejected, the shipment has already left the country and gone through so many loops ... the end result is that the small company is left holding the bag."

Another interesting change is the shift away from Windows-based PCs to other operating systems and platforms, including smart phones, tablet computers and mobile platforms in general, she says. The smart phone market has consolidated around three dominant platforms--Blackberry, Android and iPhone--which gives cybercrooks a bigger user base to rob.

Landesman doubts they will use traditional malware; instead, cybercriminals could use an application that siphons information from a user, or leverage one of the limitations of the devices themselves--their small screens. For example, something can look legitimate on the screen but content off to the right isn't visible, which can make fishing scams more effective.

Other findings include the heavy investment in "money muling" by cybercriminals and the continuation of various forms of trust exploitation. Money mules are people recruited to set up bank accounts, or even use their own bank accounts, to help scammers "cash out" or launder money. The mules are often innocent and being duped themselves, says Landesman. These money muling operations are becoming more elaborate and international in scope, and should see a lot more activity in 2011, warns Cisco.Trust exploitation is a growing problem that incorporates social engineering scams based on what Cisco calls the "seven deadly weaknesses": sex appeal, greed, vanity, trust, sloth, compassion and urgency. The attacks can come from e-mails, social networking chats and phone calls.

Unlike Cisco's report, PandaLabs Black Market Report focuses on the SMB market. According to Panda Security, the cybercrime black market is a rapidly growing industry of cybercriminals and hackers who are making a business out of stealing personal information for financial profit.

This marketplace involves selling such items as bank credentials, log-ins, passwords, fake credit cards and more. Cloned credit/debit cards start as low as $180, with card cloning machines running from $200 to $1,000, and even fake ATM machines are available from $3,500.