Online attacks continue to rise

McAfee white paper points to increase in keyloggers and phishing alerts

Online identity theft and phishing attacks have again jumped significantly, according to a new white paper by web security specialist McAfee, prompting some experts to warn that e-commerce could be harmed if consumer confidence is knocked.

The research has found the number of keyloggers increased 250 percent between January 2004 and May 2006, while phishing attacks increased by 100 times over the same period, according to figures from the Anti-Phishing Working Group.

Online retailers' and service providers' profits may be at risk if consumers become too fearful to shop or transact online, according to McAfee security analyst Greg Day.

"Consumers often don't understand all the issues, therefore they're not confident as to what the risks are," he said. "The security vendors and e-commerce industry need to teach them the reality that it is just as safe shopping and banking online as on the high street."

Day added that phishing attacks can seriously damage a company's brand and image, especially if customers are repeatedly targeted by messages purportedly coming from the same organisations.

"The simplest thing to do [in response] is educate your customers, or ask your customers to notify you about phishing attempts, which can help you to shut down these sites," he advised. "More advanced steps could be to offer two-factor authentication for online transactions."

Meanwhile, anti-virus vendors could be putting their enterprise customers at risk because their scanning technology is unable to detect many active web-based threats, according to controversial new figures released by security specialist Lightspeed Systems Europe.

The firm decided to undertake testing of other anti-virus vendors' products in part to ensure that their technology was not over-blocking – mistaking good programs for viruses – according to the firm's technical director Earnie Kramer.

But it found that firms including Sophos, McAfee and Trend Micro are detecting less than 20 percent of active viruses in the wild.

"If you drill down into the details, you'll find one of the big problems is that they will pick up one or two variants [of malware] but there may be many others they don't detect."

Kramer called on the industry to be more willing to share information about threats, so that all vendors can provide effective IT security products for customers.

But Andy Kellett of analyst Butler Group questioned whether such figures were entirely accurate in representing the pros and cons of anti-virus vendors.

"I'd want to know a lot more about how they do the testing; there are some well-respected names in there like Sophos," he said. "And how come Kaspersky came out with a 100 percent detection rate – are they doing something that has some synergy around how the testing is done?"

McAfee and Trend Micro also questioned the validity of the findings.

"Testing detection rates is only valid if the process is done by an independent research organisation, such as Avtest.org," explained Trend CTO Raimund Genes. "Any company’s internal test could identify millions of malware sample variants which are only detected by that particular company, making it easy to chart out why that particular software is better than its competitors."

Meanwhile the Internet Service Providers Association (ISPA) Parliamentary Advisory Forum provided an opportunity last week for ISPs to highlight their efforts to protect consumers from threats, including providing targeted education via portals and opt-in security packages with broadband services.

"There was a consensus that the government should leave the market to address things – no one wanted more regulations," explained attendee Kevin Beard of Logica CMG. "Most people agreed a lot more needs doing – the problem will get worse because less sophisticated users are coming online all the time but the criminals' knowledge is increasing."