ARN

Study: Internet fraud and attacks rise in tandem

Internet use is still growing fast but so is Internet-based fraud, according to security vendor Verisign, which examined data from its own infrastructure services between August 2002 and August 2003.

According to Verisign's study, "Internet Security Intelligence Briefing," released on Monday, 6.2 per cent of e-commerce transactions carried out in the US were attempts at fraud. More than half the fraud attempts were made by entities outside the US, Verisign said.

Also, the number of security incidents almost doubled between May 2003 and August 2003, Verisign said.

Standard security attacks and fraud are closely linked, according to Verisign.

"Analysis . . . showed extremely high correlation (47 per cent) between sources of fraud and sources of security attacks," the study said. "Attackers who gain control of Internet host machines are using these compromised hosts for both security attacks and fraudulent e-commerce transactions."

Other findings from the study include:

  • total DNS (domain name system) queries such as finding Web sites and email addresses grew by 51.4 per cent between August 2002 and August 2003

  • email related DNS queries rose by 245 per cent over the same period, partly because of the upsurge in spam and mass-mailing viruses such as Bugbear

  • the average number of Internet transactions per online merchant site has grown 17 per cent in the past year

  • SSL (secure socket layer) has become the de facto e-commerce security standard, with over 400,000 sites and growth in certificate issue of 6 per cent over the past year.

  • security incidents per device rose 99 per cent between May 2003 and August 2003, with the Blaster worm contributing most of the increase in August

  • the trend in viruses and worms is towards more sophisticated, potent and coordinated attacks along the lines of Blaster, Nachi and Sobig.F, which was the first virus to direct itself at the Internet's root servers

Security incidents were principally generated in the US (81 per cent), but the percentage of fraud attempts made from the US was much lower (48 per cent). One reason for the difference is the weak policing of the Internet outside the US, according to Verisign.

"International criminals can essentially commit fraud with impunity, given that jurisdiction issues make policing international fraud near impossible," the report said.

Following the US in the fraud stakes was the UK (5.25 per cent), while in third place was Nigeria (4.81 per cent), where the 419, or advance fee, fraud epidemic rages unchecked.

Nominations for the 2012 ARN IT Industry Awards open on Tuesday, June 12.

More about: Rose, Socket, Tandem, VeriSign

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the ARN comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Whitepapers
Latest Stories
Community Comments
rhs_login_lockGet exclusive access to ARN's news, research and invitation only events.
ARN Distributor Directory
Find distributors by name | vendor | location
Channel Deals
/deals/aca-pacific/441_tape-media-and-imation-dataguard-t5r-reseller-
ACA Pacific

Tape Media and Imation DataGuard T5R Reseller Promotion. Ends June 30, 2012

More details »
ARN Vendor Directory
Find vendors by name | category

iAsset is a channel management ecosystem that automates all major aspects of the entire sales,marketing and service process, including data tracking, integrated learning, knowledge management and product lifecycle management.