White Papers for Basel II Capital Accord (Basel II)
Botnet Threats and Solutions: Phishing
In today’s business and consumer computing space, a financially-motivated “ecosystem” of multiple players exists. This ecosystem—complete with its own lucrative buying and selling “microeconomy”—is fueling a rapidly growing crime wave.
Recently, malicious attacks involving tens of thousands of virus-infected PCs worldwide have targeted major organizations such as Microsoft, Google, Yahoo!, the U.S. Internal Revenue Service, and UK online betting firm Blue Square. These computers—infected via back door programs and controlled through Internet Relay Chat (IRC) commands—are covertly hijacked with software bots, applications that serve as agents to surreptitiously collect information. This mass infection transforms compromised PCs into botnets, networks of machines that serve numerous fraudulent purposes. Botnets have been responsible for identity theft, spam, phishing, pay-per-click fraud, denial-of-service (DoS) attacks, and information theft. These botnet ecosystems are not due to the actions of single creators (such as virus writers seeking notoriety), but rather, a network of players co-existing in an organized underground buying and selling “microeconomy.”
As a result of phishing via botnets, businesses and consumers are adversely impacted by tremendous financial losses, identity theft, and other damages. This white paper examines the existence of and interactions within the botnet ecosystem that enables phishing—a fraudulent type of spam—and the ensuing damage. This paper also provides information on how businesses and consumers can best protect themselves against these attacks, as well as the benefits of implementing such actions.
View the White Paper
Share or bookmarklet this web page at: