Classic cyber crimes could pose future threats: McAfee

Long-standing online crimes such as financial market manipulation and social engineering could morph into the security threats of tomorrow, according to researchers speaking at the FOCUS 09 conference.

McAfee Labs threat researcher Craig Schmugar and product manager Anthony Bettini said that the changing landscape of the security market could help keep 'tried and tested' cyber crime thriving in the coming years.

Bettini and Schmugar suggested that the classic 'pump and dump' scam has been given new life by the emergence of Web 2.0 services and the speed at which new information, both reliable and otherwise, is spreading.

The researchers noted recent incidents such as the false reports of Apple chief executive Steve Jobs's death as possible scenarios for stock manipulation. By spreading rumours through blogging and user-sourced news services, criminals could manipulate stock markets and reap financial rewards.

Cyber criminals can also capitalise on Web 2.0 for phishing activities. As users place more information online, criminals are able to make personalised 'spear phishing' attacks even more convincing.

"You start open sourcing your life and it basically is a hunting ground for phishing attacks," said Bettini.

Even more opportunities for financial manipulation could lie in the burgeoning market for application flaws. Schmugar and Bettini noted a recent study which found that Microsoft's stock price dropped slightly on days when the company released its monthly security updates.

As more security researchers look to receive pay for the discovery of previously unknown or zero-day flaws, the chances of a flaw falling into the wrong hands or being released with the aim of manipulating stock prices could increase.