Cybercriminals watch all the news trends and even the seasons. As soon as there’s a new game coming out, lets exploit it. Oh look, it’s January, let’s create a weight loss scam. Oh my goodness, there’s been a natural disaster. Let’s create some catchy headlines and trick those innocent web surfers looking for more information.
And the collection of exploit tools continues. Misspelled url addresses, fake browser plug-ins, celebrity deaths, and many more. Together they form an ever-changing all-you-can-eat buffet for hackers who are out to steal your lunch money and more.
There is definitely a pattern of exploit. And GFI’s latest VIPRE Report for January 2012 shows us the scary truth. They identified the top ten threats for the first month of the year. Some of the trendiest traps included luring Pro Evolution Soccer 2012 fans with a game crack that actually installed ZeroAccess – a sophisticated rootkit known for overwriting critical OS files.
Other traps included taking advantage of businesses concerned about their reputation through Better Business Bureau scams. While Tumblr users were attacked with more Southwest Airline scams. And let’s not forget the domain typo scam that targeted the shutdown of Megaupload.
Despite all the sophisticated security technology in the world, the biggest weakness is the human element. By creating sophisticated scams that exploit the basic human need for curiosity, cyber attack success rates go up through the roof and make victims out of even the savviest Internet users. As a rule of thumb, if it sounds too good to be true, it probably is.