Whether physical or cybersecurity, do you think it is too easy for people to get hold of ID card making equipment or DIY cybercrime kits? Email your comments to firstname.lastname@example.org
Forget the fake driver’s license templates for sale on the Web, the newest twist – and more dangerous – is the DIY cybercrime kit. It is driving a surge in Internet-borne computer infections. New cybercrooks and veterans alike are using DIY kits to carry out phishing campaigns at an accelerated rate, according to newsfactor.com. Kit users have been blasting out fake e-mail messages crafted to look like official notices from UPS, FedEx, or the IRS; or account updates from Vonage, Facebook, or Microsoft Relevant Products/Services Outlook; or medical alerts about the H1N1 flu virus. The faked messages invariably ask the recipient to click on a Web link; doing so infects the PC with a banking Trojan, a malicious program designed to steal financial account logons. Often, the PC also gets turned into a “bot”: The attacker silently takes control and uses it to send out more phishing e-mail. Generally sold for $400 to $700, the kits come with everything an individual needs to begin infecting PCs. Selling software is legal; illegal use is another matter.