Author: admini

According to Gartner analyst Avivah Litan, this is happening because scammers are identifying higher-income targets, moving their phishing sites more frequently and switching up the types of business they try to impersonate.

Victims click on links they receive in the body of e-mails — and, increasingly, in instant messages — from sites purporting to be legitimate businesses like financial institutions, e-commerce and auction sites.

Approximately 109 million U.S. adults have received phishing e-mail attacks, up from 57 million in 2004, according to Gartner. Total loses from phishing attacks have risen to $2.8 billion in 2006, twice the amount lost in 2004.

According to the survey, conducted by Gartner analysts in August of this year, adults earning more than $100,000 per year are attacked more often than those making less.

According to Litan, cyber criminals have done a better job of identifying high-income individuals. They sell each other credit card numbers in online chat rooms, and can identify credit cards with higher spending limits by the first six digits on the card.

http://www.internetnews.com/stats/article.php/3642971

Most of the “blocking and tackling” that was needed to handle network threats has, to a large extent, already been accomplished via technologies such as firewalls and intrusion-detection and -prevention systems, said Mark Burnett, director of IT security and compliance at Gaylord Entertainment Co. in Nashville. “We are layering technology controls to make sure we can identify where the information is passing across our network” and protect it. The overall driving force behind our [security] program is reputation management. Any one incident could ruin all that work.”

Also driving the focus are regulations that Gaylord is required to comply with, such as the Sarbanes-Oxley Act and the Payment Card Industry (PCI) data security standard, which is mandated by the major credit card companies, he said. Ann Garrett, the chief information security officer at the North Carolina state office of information technology in Raleigh, said that a new state law governing the use of personally identifiable information has elevated the need for security controls at the data level.

High-profile breaches such as the one at the Department of Veterans Affairs earlier this year have resulted in an intense scrutiny of data security practices government-wide said Patrick Howard, chief information security officer, at the U.S. Department of Housing and Urban Development.

http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9004914