Be extra cautious the next time you receive an e-mail addressed specifically to you. You may be a potential victim that has been targeted by cybercriminals, said Finnish IT security solutions provider F-Secure Corp.

It said cyberattackers are also being more diligent in picking their victims in order to steal personal information.

F-Secure security response programme manager Chia Wing Fei said there has been an increase in the number of targetted attacks over the last six months.

“It is becoming very prevalent and we have seen many more cases this year compared to just a handful last year,” he said during F-Secure’s First Half-Yearly Wrap Up 2008 Report at the Malaysian Communications and Multimedia Commission headquarters here on Tuesday.

He said such targeted attacks are rarely reported in the press because victims are either too embarassed or want to avoid the publicity. Sometimes, the victims do not even know that they have been attacked, he added.

Unlike typical spam messages, targeted attack messages are designed to look authentic and the attackers, Chia said, spend a considerable amount of time studying and profiling victims before sending the messages out.

These messages contain malware (malicious software) that attaches itself to the victim’s computer and steals confidential data stored in the system.

Chia said the method can be used to attack key individuals in a company or organisation, or even for political and military motives.

“During the recent Tibet-China disagreement, many groups, organisations and individuals were attacked with carefully targeted and technically-advanced e-mail-based malware aimed at infecting the computers or spying on the owners,” he claimed.

If successful, victims of an attack won’t even suspect that they have lost important data until it is too late, said Chia. And if such attacks go unchecked, he added, this number could hit 1.5 million cases by year end.

“It is a big challenge for us (at F-Secure) to trace (and stop) such attacks because its unlike other types of malware … but we don’t give up,” Chia said.

Phones, too

He said mobile phones will be also become susceptible to mobile malware over the next two years, as more cellphone users resort to tweaking their phones to enable more features.

Though this may be fun, such activities will enable mobile malware — such as Cabir, CommWarrior or Beselo — to run on these hacked devices, especially those running the Symbian operating system.

“So, although third-edition Symbian phones may be secure, once they are modified, some strains of malware will be able to infect them,” Chia said.

He said users need to take proper measures to protect themselves against such malware, as well as follow a few other rules.

“You should regularly update or patch all your applications — such as Skype, Instant Messenger and web browser — to guard against any software vulnerabilities that could be used by hackers,” he said.

Chia also advised users to not use public PCs for online banking or purchases and to make sure that they regularly update the security of their home or office machines.

F-Secure analyses all malware threats that show up on the Internet and comes out with a report over six-month periods.-TheStar

If you enjoyed this post, make sure you subscribe to my RSS feed!