If a deal seems too good to be true, it probably is.
Case in point: Last November, an FBI investigation led to the arrest of six cybercriminals in Estonia. The six were implicated in a worldwide criminal enterprise that resulted in the infection of more than 570,000 computers. In this particular case, the group’s online advertising scam took advantage of vulnerabilities in the Microsoft Windows operating system to install malicious software on the victim's computers. The software also turned off antivirus updates and changed the way in which the hacked computers reconciled website addresses. Victim’s computers were then reprogrammed to use rogue DNS servers owned by the attackers which redirected the affected computers to fraudulent websites controlled by the group. The victims were not only scammed out of some $14 million, but their very access to the Internet was virtually hijacked by the group.
More frightening still is the fact that online scams like this happen to millions of unsuspecting consumers every day. Whether the intent is to deliver malware, spyware or some form of virus, the very nature of the web allows mischief to spread far and wide with relative ease.
Only recently, Consumer reports stated that, “Malicious software infections cost consumers $2.3 billion in 2011.” They also pointed out the fact that one third of households surveyed had experienced a malicious software infection in the past year. Even more ominous is the fact that in the US alone, 1.3 million PCs were replaced in 2011 due to malware.
Does WWW stand for Wild, Wild West?
Why are criminals and other online miscreants able to inflict such damage to so many people with relative ease? The culprits most were cited as aiding and abetting the underworld can’t be found on a “Most Wanted” poster. That’s because they aren’t people. The real accomplices in cybercrime are poor virus protection and freeware. When you bear in mind that the Internet is in a sense as free and unfettered as the Wild, Wild West ever was, it should come as no surprise that criminal elements have been quick to capitalize on this electronic frontier town. The problem with the web is that unlike Dodge City, there is no sheriff in town other than the antivirus software on your machine. This same software can easily be circumvented with one Trojan horse planted inside your computer via freeware. Once your computer has been breached, there is no electronic posse that is going to pursue the outlaws who have infected your machine.
So, the first step to taking a bite out of cybercrime is to understand just how prevalent it is. What most people don’t realize is the fact that the total amount of money lost in cybercrime in 2011 ($338 billion) dwarfs that of that of the profits of illicit drugs ($288 billion). More shocking still is the fact that in the past year alone, more than 431 million adults were victims of cybercrime. While the number of violent crimes in the US declined 6.4 percent in 2011 according to the FBI, cybercrime has risen dramatically.
According to Mashable.com, ““Five years ago there were only 92,000 strains of malware cataloged worldwide. This figure rose to 14 million by 2008 and 60 million by 2010.”
Their report goes onto say that you can purchase bank details for accounts for $80 to $700. You can hire someone to design and publish a fake online store for between $30 and $300. A credit card-cloning machine costs $200 to $1,000, and an actual fake ATM, which steals valuable credentials from anyone who uses it, can be bought for a mere $3,500. The cybercrime industry acts just like any legitimate one, developing providers who cater to buyers needs and strive to build market share.
More frightening still is the fact that so many consumers make these crimes so easy to commit. Even though most web surfers are familiar with such threats as computer viruses and malware, more than forty percent of those surveyed by Consumer Report admitted to not having an up to date antivirus program. And an even higher percentage admitted to employing weak passwords. Add to this the fact that cybercrime has now gone mobile where there is even less security and you have to ask yourself why isn't everyone up in arms over the situation?
What it boils down to is this:
1. Cybercriminals are organized and motivated to engage in cybercrime because it is easy to get away with and hard to prosecute.
2. Consumers who routinely triple lock their doors and have burglar alarms on their cars for the most part leave their computers and cellphones unlocked, or with the key under the doormat.
3. While organizations like the FBI occasionally get involved in high profile cases such as the Estonian Connection, policing the internet at the local level is for the most part left to local law enforcement, many of whom have little or no facilities to deal with this growing menace.
Far from free, that gift horse could well turn around and bite you. In short, since it has been left to consumers to defend themselves from phishing, password cracking, Trojan horse hacking, all but invisible cybercriminals, my advice is to think twice before accepting most freeware. And for God’s sake, get some decent antivirus software. Unless you like buying a new computer every year.
Carl Weiss is president of W Squared Media Group, a company dedicated to keeping clients stay on the cutting edge of online technology. Carl is cohost of the weekly Working the Web to Win radio show that is broadcast live every Tuesday at 4 pm Eastern on BlogTalkRadio.com