When you surf the web, be on guard. The latest Internet Security Threat Report released by Symantec Corporation, an anti-virus software product provider, says that the Web is now the primary conduit of attack.
This is opposed to network attacks, and that online users can get increasingly be infected by visiting a social networking site or a site you visit everyday.
While earlier, most of the malicious code writers were geeks who wanted to show-off their intelligence by hacking sites, the job of hacking has now been usurped by those with criminal intentions.
"The number of threats is growing more rapidly than before," said Vishal Dhupar, managing director, Symantec Software Solutions. In 2007, Symantec detected 711,912 new threats compared to 125,243 in 2006 -- an increase of 468 per cent; this brings the total number of malicious code threats detected by Symantec to over 1.12 million as of the end of 2007.
In the past, users had to visit malicious sites or click on malicious email attachments to become a victim of a security threat. Today, hackers are compromising legitimate websites and using them as a distribution medium to attack home and enterprise computers.
Symantec said, attackers are targeting sites that are likely to be trusted by end users, such as social networking sites.
Phishing too continues to be a problem. During the last six months of 2007, Symantec observed 87,963 phishing hosts -- computers that can host one or more phishing websites. This is an increase of 167 per cent over the first half of 2007.
Some 80 per cent of the brands targeted by phishing attacks during the study period were in the financial sector. The report also found that attackers are seeking confidential end-user information that can be fraudulently used for financial gain and are less focused on the computer or device containing the information.
In the last six months of 2007, 68 per cent of the most prevalent malicious threats reported to Symantec attempt to compromise confidential information.
According to the report, attackers are leveraging the underground economy to buy, sell and trade stolen information.
This economy is characterised by traits common to traditional economies. Credit card information accounted for 13 per cent of all advertised goods - down from 22 per cent in the previous period and sold for as low as $0.40.
