Cyber grinches out to spoil Xmas party for shoppers – Trend Micro report

12 Nov 2013

Online shoppers are being urged to be cautious and protect their financial data from being compromised as cyber-thieves are ramping up their efforts. Trend Micro expressed particular concern about the proliferation of Apple iOS phishing sites.

Trend Micro’s Q3 2013 Security Roundup report finds that unscrupulous cyber-criminals are taking advantage of the perception that Apple-related sites and products are a safe haven against threats.

After a spike in Q2 (5,800 in May), Apple-related phishing sites have remained steady throughout Q3, with 4,100 detected in June; 1,900 in August and 2,500 in September. This raises concern of potential new targets in Q4, with analysts estimating Apple will sell 31m iPhones and 15m iPads in the fourth quarter alone.

“As consumers gravitate to the convenience of online banking, criminals are developing tools at an exceedingly rapid pace to exploit a general lack of awareness,” said JD Sherry, vice-president of technology and solutions, Trend Micro.

“In addition, Apple has been traditionally perceived as a safe haven against threats, but our findings reveal that personal information can be jeopardised as phishing scams that target the platform continue to gain momentum. This evidence suggests a potential perfect storm looming in the holiday season as busy commercial and consumer users leverage mobile platforms,” Sherry said.

Online banking malware infections

Trend Micro researchers also identified more than 200,000 malware infections targeting online banking in Q3.

Three countries stood out as the most targeted, with the US accounting for almost one-quarter (23pc) of online banking malware infections worldwide, followed by Brazil with 16pc and Japan with 12pc.

Europe’s top countries, Germany and France, had only 3pc respectively, which may stem from the regions’ high degree of multi-factor authentication requirements with online banking transactions.

Along with these increases, the level of sophisticated obfuscation techniques used by threat actors has also risen. In particular, in an online banking Trojan called KINS, Trend Micro discovered anti-debugging and anti-analysis routines.

Christmas hacker image via Shutterstock

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years

editorial@siliconrepublic.com