Atlanta, GA - November 26, 2007: With Cyber Monday and the Holiday Shopping Season in full swing, SecureWorks has seen foreign and domestic hackers
and scammers gearing up for scams related to the post-Thanksgiving Day commerce. Traffic has been especially heavy on
the hacker forums where hackers arrange these scams. SecureWorks has seen a big increase in that type of chatter on
forums in the last 30 days, and the rate of increase all coincide with the timing of Cyber Monday.
Some examples of the latest and most sophisticated scams that are likely kicking into high gear this week surround
the free coupon and free gift cards. Some of the spam templates SecureWorks has recovered from spambot C&C
(command-and-control) servers include lures to malicious Web sites that offer coupon codes or free gift cards for many
of the large and small retailers. In one scam, the hacker group behind it discusses how the low dollar amount or
pecentage can make the offer seem more credible. That is, they're saying it doesn't appear "too good to be true."
Types of Holiday Hacker Scams
Free Gift Cards: Despite that reasoning, greed still works. Instant messaging and social networking spam is
being used to phish people by saying they can sign up for a program or verify their identity as a winner, getting $500
gift cards in return. Researchers reported some of the gift card scams that have been running on MySpace in
mid-November. We expect those
types of scams to increase during the holidays.
Spyware Targeting Specialty Retail and Restaurant Sites
Spyware is also a huge concern with so many people performing actions such as paying for gift items, and, let's face
it, transferring money out of savings using the Internet. Recently, we have seen a lot of discussion on the hacker
forums about placing iFrames on smaller, specialty retails sites and restaurant sites, in hopes to infect as many
visitors to those sites with malware as possible. The smaller sites might not have an internal IT security department
to keep tabs on their site to make sure that they don’t fall victim to these scams.
All days are risky, but SecureWorks see indicators that Cyber Monday and the remaining Holiday Shopping Season will
call for extraordinary vigilance. Convenience is paramount when it comes to holiday shopping. However, it is easy to
miss larger discrepancies on your bank or credit card statements. For the finacnial institutions and retailers, many of
the fraud detection systems will have to deal with extraordinary purchases and more shipments to addresses other than
the billing address. It's easy to let your guard down in these situations.
With over 2,000 clients and 10,000 devices managed and monitored, SecureWorks has become the leading Managed Security Services Provider safeguarding more organizations than any other vendor. Positioned in the Leader's Quadrant in Gartner's Magic Quadrant for MSSPs, SecureWorks provides the most effective security services by leveraging our integrated security management platform, advanced security research, and 100% GIAC certified experts. SecureWorks' full breadth of security services, encompassing security management, security monitoring, self-service security and professional services, are designed to meet the needs of Fortune 100 companies with large security teams as well as smaller companies with no security expertise. In addition, SecureWorks has helped companies pass over 2,400 compliance audits by providing comprehensive and straight-forward board and examination reports. The combination of advanced technology, industry-leading threat visibility and expert team of security professionals make SecureWorks the clear choice for organizations seeking to enhance their security posture and improve compliance with industry regulations.
