Sms-ishing & V-ishing amongst future threats

Telafici explained the new terminology during his visit to Sydney, while acknowledging that the changing nature of hackers is a cause for concern.

“Social engineering is still the primary way to spread malware to the world,” said Telafici. Its transformed versions, sms-ishing, which convinces a user to click on a link in a sms message leading them to a fake website, and v-ishing, which refers to an automated voice message sent to VoIP phones to convince users to give up personal information, will slowly evolve according to Telafici.

Furthermore, the dramatic upsurge of malware volumes over the past five years could have dire consequences for the world economy.

“Today it’s for criminal and commercial motivation,” he explained. “The challenge here is…we have groups of people who are semi professional and had jobs in IT…this paints a new challenge for us,” said Telafici.

He revealed that password stealers are also rapidly increasing and that there were 6000 password stealers in 2006 compared to 500, in 2001. “This year we’re starting to see this being used against government departments and financial sectors,” said Telafici.

He added that it took 14 years for the cumulative total of malware including virus, worms and Trojans to reach 100,000. Then it took 2 years to reach over 200,000. “I think we’ll probably hit 300 000 threat by the end of 2007, early 2008."

Allan Bell marketing director for McAfee Australia APAC said, “If there’s a way to get in and get stuff off you, malware writers will find a way."

The news came during the same week as McAfee unveiled its top ten security threats list for 2007 which listed password stealing websites and increased spam volumes as its top two threats.

amongstfuturesecuritythreats