McAfee has issued an interesting report that explores ten years of innovation in malware and online criminal activity titled "A Good Decade for Cybercrime". The report goes into detail about the evolution and culture surrounding landmark exploits and cyber scams, and presents a really interesting read.
Below are excerpts from McAfee's list of the top five exploits and online scams that impacted how society relates to the cyber realm and fueled major changes in the security industry over the last ten years.
Top 5 Exploits—Representing different periods of cybercrime eras
1. MyDoom's Mass Infection: Estimated damage: $38 billion
McAfee said this 2004 worm tops its list for monetary damage. Designed to infect computers and send spam e-mail, the worm slowed global Internet access by 10 percent and reduced access to some websites by 50 percent. McAfee said it led to billions of dollars in lost productivity and online sales.
2. "I Love You" Worm: Estimated damage: $15 Billion
Named for the subject line of the e-mail that delivered it, this worm hit millions of users in 2000. When users opened the attached "love letter," they actually downloaded a virus that ended up costing companies and government agencies $15 billion in cleanup.
3. Conficker: Estimated damage: $9.1 Billion
This worm originated in 2007 and has infected millions of computers since, installing keystroke-logging and PC-controlling software that gave cybercrooks a way to steal users' personal information and access their machines.
4. Stuxnet Worm: Damage unknown
This recent worm was designed to hijack and potentially cripple real-world targets such as nuclear power plants, factories and oil rigs. Stuxnet has reportedly damaged nuclear facilities in Iran and government facilities in the U.S., India and Indonesia, McAfee said, but its creators are still unknown.
5. Zeus Botnet: Damage unknown
Named for the all-powerful Greek god, this circa 2007 worm is known for stealing personal information by capturing data entered on Internet banking sites. More recently, the worm has shown its ability even to infect mobile devices.
Top 5 Scams—The most common scams, snaring the most victims
1. Scareware—Selling fake antivirus software is one of the most insidious and successful scams of recent years. Cybercrooks play on users’ fear that their computer and information is at-risk by displaying misleading pop-ups.
2. Phishing Scams—Phishing, or trying to trick users into giving up personal information, is one of the most common and persistent online threats. In fact, over 49,0006 phishing sites were detected at the end of 2009.
3. Phony Websites—In recent years cybercrooks have become more and more adept at creating fake websites that look like the real deal. From phony banking sites, to auction sites and e-commerce pages, crooks are constantly laying online traps hoping you will be fooled into entering your credit card or personal information... the number of websites—many of them phony—infected with malicious software or ads have reached 1.2 million7, users should beware.
4. Online Dating Scams—Like the “I Love You” virus, online dating scams tug on victims’ heartstrings to get what they want. The typical online dating scam starts with the scammer posting an attractive picture on an online dating site. The scammer then sends out messages to other members of the site expressing interest. The next step is to strike up a one-on-one conversation with victims, usually via email or instant messages, where they tell a sob story. The crook creates a personal relationship in order to ask for cash, merchandise or other favors.
5. Nigerian Scam—This scam, also known the “advance fee fraud,” usually consists of a spam message from a foreigner who needs help moving millions of dollars out of their homeland and offers the recipient a percentage of his or her fortune to assist in the transfer.
The full report from McAfee is quite interesting and insightful, can be found here: