Mass-mailer viruses like Bagle, Netsky and MyDoom are so passé. Hackers in the know are now concentrating on mobile phone viruses, phishing scams and exploiting vulnerabilities, according to security company McAfee.
The antivirus vendor is set to released its quarterly report on internet threats today, with an eye on the dangers that lie ahead.
More than 1,000 vulnerabilities were discovered in the first quarter of 2005, a 6 percent increase from a year ago, McAfee said. And the outlook for the remainder of the year is not very reassuring, considering what the hackers have in store.
Almost gone are the days of mass-mailer viruses, which spread by sending copies of themselves to email addresses harvested from an infected machine, according to Vincent Gullotto, vice president of McAfee's Anti-Virus Emergency Response Team.
Hackers are now focusing their efforts on more lucrative, and malicious ventures, Gullotto said.
Phishing scams, for instance, are some of the fastest-growing threats. In this type of scam, hackers use email to direct internet users to websites designed to look like legitimate e-commerce sites, such as online banks and auction services. Hackers actually control the sites and use them to steal sensitive information such as bank account details and passwords.
Phishing is becoming even more nefarious as hackers are targeting their attacks, Gullotto said. Using tools like spyware programs and keystroke loggers, hackers are figuring out which banks internet users do business with, he said. These kind of focused attacks are already common in Brazil and are set to grow worldwide, he added.
"Before it was a just a numbers game – the more people you tried to fool, the higher rate of success," Gullotto said.
Criminals are also discovering new possibilities with mobile devices. Mobile viruses, which until recently seemed an unrealised threat, are now on the move, McAfee said. While the company detected five mobile malware threats in the fourth quarter of last year, that number now stands at 50, it said.
However, mobile attacks won't grow as rapidly as computer threats because of the variety of operating systems and the fact that devices are only intermittently connected to the Internet, Gullotto said.
"We still don't see the ability to produce a worldwide outbreak," he said.
If schemes designed to steal information, bungle mobile phones and spy on users were not enough, McAfee also sees a marked increase in non-malicious threats, such as adware. These internet nuisances, which perform actions like repeatedly sending advertising pop-ups, are approaching the annoyance level that only spam once enjoyed, Gulloto said.
"Adware is growing exponentially and it has the ability to spread very easily," he said.
More traditional threats like Trojan horse that masquerade as benign applications but in fact do harm, and bots, which are used to crawl websites collecting information, are still prevalent. Users should shield themselves as much as possible from all these threats by making sure that they use up-to-date antivirus software, employ spam filters and install the latest patches, McAfee said.