The last few days have seen a deluge of newspaper headlines and stories about “phishing” frauds. “Phishing” is easy for the consumer to deal with: DON’T respond to invitations to “re-confirm” your personal banking details, however convincing the apparent invitation from your bank to do so.
More insidious, and a much longer term threat that is not getting much publicity at the moment, is the increasing organisation and professionalism of the online criminal community. Hackers, virus writers and spammers used to be separate communities, each containing their own sub-groups and individual cults. Increasingly, they are learning to co-operate, sharing skills and information, to get a part of the lucrative online fraud and spam market.
Hackers and virus writers have the skills that help spam to get into our e-mail boxes – and spam sells all sorts of products as well being the first step in a number of fraudulent schemes, from phishing through to 419 (“Nigerian”) frauds (see http://www.nhtcu.org/).
The growing sophistication of cyber criminals requires a rapid improvement in basic information security skills by all organisations and, even more importantly, home owners and small businesses whose usually poorly protected computers are often used as zombies or relays in more substantial computer crime. There are basic steps that all organisations should take, starting with a risk assessment…….(see http://www.itgovernance.co.uk/consulting.aspx for more information)