Elaborate social engineering techniques, advanced malware technology and intricately blended threats further an already-booming underground cybercrime economy.

Trend Micro Incorporated (TSE: 4704), a global leader in Internet content security, reported today that cybercriminals are not only leveraging new technologies to propagate cybercrime, but are also reinventing forms of social engineering to cleverly ensnare both consumers and businesses, according to the "Trend Micro Threat Roundup and Forecast 1H 2008" report.

Exploiting human nature through social engineering and phishing techniques

While social engineering tactics such as the Nigerian phishing scam and the Spanish prisoner scam have been around for decades, cybercriminals continue to refresh and modernize this standard form of trickery based on whatever the trend appears to be.

For example, the tools and technologies used to create the interactive nature of popular social networking sites have become a land mine for cybercrime.

In March, Trend Micro discovered that over 400 phishing kits designed to generate phishing sites were targeting top Web 2.0 sites (i.e. social networking, video sharing and VoIP sites), free email service providers, banks and popular e-Commerce Web sites.

Recently, a new form of phishing email warned potential victims about phishing as a way to legitimize itself, then tricked them into clicking on a link that led to a fraudulent site.

Spammers are also recycling old techniques.

In February, Trend Micro investigated a voice phishing (aka "vishing") attempt.

The message appeared convincing, with all links leading to corresponding, legitimate target pages, but included a phony number for recipients to call to reactivate their account, which had been supposedly "placed on hold."

Upon calling the phone number, users were asked for their bank card number and PIN, unwittingly opening their bank accounts to the phishers.

Developing malware for blended threats

Malware variants have generally been treated as separate individual threats.

Today, profit-motivated Web threats blend various malicious software components into a single Web threat business model.

For example, a cybercriminal sends a spam message with a malicious URL embedded in an email or an instant message.

The user clicks on the link and is redirected to a Web site where a file (Trojan) automatically downloads onto the user's computer.

The Trojan then downloads an additional file (spyware) that captures sensitive information, such as bank account numbers (spy-phishing).

Although seemingly one incident, blended threats are much more difficult to combat and much more dangerous for the user.

Exploiting new technologies

The fast-flux technique is an additional example of criminals abusing technology developments.

Fast-flux is a Domain Name System (DNS) switching mechanism that combines peer-to-peer networking, distributed command and control, Web-based load-balancing, and proxy redirection to hide phishing delivery sites.

Fast-flux helps phishing sites stay up for longer periods to lure more victims. For example, researchers are challenged to identify malicious Storm domains because developers are using fast-flux techniques to evade detection.
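The following is an added example, not part of the Trend Micro report: a defender-side heuristic that flags fast-flux candidates from passive DNS observations. It assumes, beyond what the article states, that a fluxing domain shows many distinct addresses spread across unrelated networks with short TTLs; the thresholds, the /24 grouping and all sample records are constructed for illustration.

```python
import ipaddress
from collections import defaultdict
from statistics import median

# Constructed passive-DNS observations: (domain, resolved IP, TTL in seconds).
# Names use the reserved .example TLD; IPs are RFC 5737 documentation ranges.
OBSERVATIONS = [
    ("flux.example", "192.0.2.10", 180),
    ("flux.example", "198.51.100.7", 180),
    ("flux.example", "203.0.113.45", 120),
    ("flux.example", "192.0.2.77", 180),
    ("flux.example", "198.51.100.200", 60),
    ("flux.example", "203.0.113.9", 180),
    # Ordinary round-robin pool: many IPs, short TTL, but a single network.
    ("pool.example", "192.0.2.1", 60),
    ("pool.example", "192.0.2.2", 60),
    ("pool.example", "192.0.2.3", 60),
    ("pool.example", "192.0.2.4", 60),
    ("pool.example", "192.0.2.5", 60),
    # Conventionally hosted site: few IPs, long TTL.
    ("static.example", "203.0.113.80", 86400),
    ("static.example", "203.0.113.81", 86400),
]

def score_domains(observations, min_ips=5, min_networks=3, max_ttl=300, prefix=24):
    """Summarise each domain and flag it when all three assumed signals agree."""
    addrs, ttls = defaultdict(set), defaultdict(list)
    for domain, ip, ttl in observations:
        addrs[domain].add(ipaddress.ip_address(ip))
        ttls[domain].append(ttl)
    report = {}
    for domain, ips in addrs.items():
        # Group addresses by network; in practice ASN or /16 is a better proxy.
        nets = {ipaddress.ip_network(f"{ip}/{prefix}", strict=False) for ip in ips}
        med_ttl = median(ttls[domain])
        report[domain] = {
            "distinct_ips": len(ips),
            "distinct_networks": len(nets),
            "median_ttl": med_ttl,
            "suspect": (len(ips) >= min_ips and len(nets) >= min_networks
                        and med_ttl <= max_ttl),
        }
    return report

if __name__ == "__main__":
    for name, stats in score_domains(OBSERVATIONS).items():
        print(name, stats)
```

Requiring network diversity as well as address count keeps legitimate round-robin pools from being flagged on short TTLs alone.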
