What's going on here? While many of us were worrying about old-school viruses getting on our computers, the world of cybercrime took it to a whole new level. Not only ramping up the speed with which they toss new threats out into the marketplace (we've seen logarithmic growth in new malware over the last 2 years), cybercriminals are far more sophisticated in their efforts, buying and trading your private information in a vast, underground black market.
That black market came to visceral life today in a gritty warehouse setting in Manhattan's Meat Packing District. Just off a cobblestone street, up a loading ramp and into the black painted container car emblazoned "Blk Mkt", Symantec/Norton took journalists on a tour of what it would look like if our online criminals put up a retail store. There were bulk bins full of "credit cards", "email lists" and "full data dumps" showing how actual online criminals are buying and trading databases of your personal information. Bulk packs of full "dumps" including everything you might need to set up new credit accounts or get a loan: full name and address, social security number, date of birth, mother's maiden name, account numbers and passwords. There were disks representing "toolkits" used by novice hackers to get quickly into the spam or keystroke logging business. And in brightly colored, shrink-wrapped boxes were faux antivirus and spyware software that people often buy after falling for those fake online alerts telling you your system is infected.
After touring the bright retail space, a secret door opened into the hacker's world. Darker, festooned with servers and flat screen displays, littered with pizza boxes, the hacker side of the display included demonstrations of what a criminal sees when they put keystroke loggers on your computer or get you to fall for a phishing scam. We demonstrated the ease with which your raw identity can be converted into physical credit cards. We also showed the Internet Relay Chat or IRC conversions between criminals who are actively buying, selling, and trading databases of stolen credit cards, compromised websites and networks of bot-infected computers.
The purpose of the Blk Mkt demonstration was to bring home the point that today's cybercriminal is working in a highly refined stealth mode. The consumer often doesn't even realize they've been duped into giving up information or allowing malware onto their system. The days of the annoying computer virus that interrupted your work is long behind us. We've got to stop making the criminals' job so easy by letting our guard down about security. Yes, you must have security software on your computer and you've got to be alert when you go online. You have an active role in deciding whether to "allow" or "deny" a cybercriminal access to your information.
That caution must extend to trusted environments like social networks and well-known brands because, as we've seen so many times in the past, cybercriminals will use our trust against us, getting us to fall for scams if hosted on social networking sites because we believe we're among friends or failing to recognize a threat if it appears on a website from a major brand. Stay vigilant! And to learn more about today's cybercrime environment and the "Blk Mkt", please visit the website at http://www.everyclickmatters.com/.