Cybercrooks get even more crafty, sophisticated

The Chinese Year of the Rat begins next week. In the cyberunderground, it is already shaping up to be the Year of the Clever Rat, as crooks scurry to perfect ways to steal data and commit fraud.

One pioneering gang is taking over home network routers instead of PC hard drives, a sneakier way to hijack online accounts. Another has perfected a way to use compromised PCs to repeatedly click on Internet ads to generate ad payments to the crooks.

Phishing specialists are putting finer touches on scams to trick people into divulging sensitive personal data on fake Web pages. Meanwhile, top-level crime rings are getting stealthier and more efficient at herding millions of compromised PCs, referred to as bots, into networks that they deploy to steal data, commit extortion and spread spam.

"We fully expect attacks to become even more frequent and continue to grow increasingly more sophisticated in 2008," says Mary Landesman, senior researcher at security firm ScanSafe.

What's going on? Banks, retailers and Internet companies constantly expand e-commerce via slick website features and high-speed Internet connections. Doing so creates new doors and windows for cybercrooks to test. Cutting-edge breaches involve:

•Routers. One gang has begun sending out tainted e-mail greeting cards that, when opened, give the intruders control of the recipient's router, the device that lets several PCs share the same Internet connection. Targeting a router model popular in Mexico, these crooks have defrauded patrons of a large Mexican bank, says Zulfikar Ramzan, a senior principal researcher at Symantec. symc

Copy cats now are the concern. "This attack technique can be generalized quite easily to go after multiple router brands and multiple banks," Ramzan says.

•Phishers. Newly available at a French website: a turn-key phishing kit with everything needed to create bogus bank websites, including templates of official-looking bank letters requesting data. In another current scam, an e-mail targets high-net-worth individuals with ruses keying off the arrival of tax season, says Keith Crosley, marketing director at security firm Proofpoint.

•Click fraud. This month, someone has tainted tens of thousands of mom-and-pop e-commerce sites, Landesman says. Clicking to one of these sites can trigger ads selling fake anti-spyware or turn the visitor's PC into a hub for clicking on Web ads, while routing the ad payment to the intruder.

More so than ever in 2008, Web users must keep anti-virus and anti-spyware up to date, install all software updates and exercise extreme caution opening e-mail and visiting websites.