Gone are the days when malware writers designed their programs to show off their expertise and competency, today they are aimed at stealing money and personal information. Trend Micro, leading in anti-virus and Internet content security, has warned internet users to be alert of spy-phishing, a technique that takes advantages of the increasingly famous trend of multiple threats to commit theft of money and personal information.



In addition, of technological advances, the upsurge of spy-phishing in terms of a major element in the threat landscape also highlights the shift in the intent of malware writers. In accordance with the Trend Micro Trojan Spyware Index, the happenings of Trojan spyware have gone more than 250% up over the last sixteen months. Spy-phishing is brought about by making use of Trojan Spyware, or software that deploys itself secretly on a PC and draws personal information but of the user’s knowledge.



Likewise an average of over 188 latest samples of Trojan spyware have been used in spy-phishing attacks per month in the first four months of 2006, a 234 % rise over the same period in 2005, as reported by the Anti-Phishing Working Group. The direct antecedents of Spy-phishing are spyware, phishing and backdoor Trojans. The 5% of spyware that can be regarded as malicious is aimed at only to commit theft of passwords, bank account information, credit card number, social security numbers, and thereafter make use of the information for illicit purposes.



Phishing, whereby the identity of an aimed organization is pilfered to commit theft of identities of unsuspicious customers, often utilized professional-looking, HTML-based e-mails that are comprised with font styles, company logos, graphics, colors and other elements to take-off the supposed sender successfully.



The majority also is comprised with a link to a Web site, which is an exact duplication of the spoofed site, to allure users into leaving their personal information. Backdoor Trojans are malware programmes that works with unanticipated or illegal actions on the user’s computer and allows illicit access by far-off systems.



Read