GLENDALE, Calif., Sept. 28 /PRNewswire/ -- Phishing (online fraud) is fortifying its position as one of the main cybercrime threats for users and companies around the globe. Data from the Anti-Phishing Working Group (APWG), which aims to combat cybercrime and of which Panda Software is a member, shows that over 70 companies worldwide were targeted by this type of attack in July 2005. The majority of them, over 85 percent, were linked to the financial sector. The average time these pages stayed online in July was approximately six days, despite the intense effort on behalf of authorities and the APWG to eradicate them.

Phishing involves stealing bank details using the Internet. This can be done in two ways: using Social Engineering techniques or with the help of technology. In the first case, the most common method is to send an email to users inviting them to visit a web page, which is actually a copy of the entity which they are spoofing. Finally, users must enter their details, which are then registered.

The second phishing technique is technologically more complex and usually involves dropping a malicious Trojan, which can include a keylogger (a program which captures keystrokes), on the victim computer. This program is usually activated when the user visits a website belonging to a bank and it captures all the keystrokes entered by the user. These usually include usernames, passwords, account numbers and other bank details. Use of these Trojans to steal passwords is growing: between the first and second quarter of this year, the number of variants of this type of Trojan increased by 113 percent, according to data compiled by PandaLabs, and included in the 2nd Quarterly Report for 2005.

This phenomenon is constantly increasing: according to a report published by The Radicati Group(1), phishing attacks have grown and will increase by 115 percent from 2004 to 2005, (an increase from an average of 51 attacks every day in 2004 to 110 in 2005). The forecast for 2008 is 404 attacks every day.

The risk to the corporate sector is evident, as the theft of data in certain sectors could seriously affect the viability of any company. This is not the only way in which companies can be affected. The loss of user confidence in e-commerce can degrade growth of these businesses. A study carried out by the Ponemon Institute(2) shows that 59 percent of users claim to have reduced their number of online transactions due to the threat of phishing.

"Don't make the mistake of underestimating the importance of the phenomenon of phishing in companies," explains Luis Corrons, director of PandaLabs. "An incident of this type can seriously damage companies; resulting in loss of client confidence, as well as the consequences of falling victim to this type of attack."

To head off the avalanche of attacks of this type, the combination of proactive technologies -- which offer high performance without needing updates -- combined with traditional reactive solutions are the most effective. Consequently, the risk of falling victim between the detection of a threat and a vaccine being developed is minimized.

"Our TruPrevent(TM) Technologies are an essential reinforcement to traditional solutions as they prevent local pharming type attacks -- a sophisticated variant of phishing -- and have proved very effective at combating Trojans designed to steal banking information from the outset ..."

Anti-phishing and anti-pharming protection in Panda Software's corporate solutions

The new versions of ISASecure, CVPSecure, ExchangeSecure and ClientShield with TruPrevent(TM) Technologies incorporate effective anti-phishing technology, which allows users to delete these messages, insert a customizable text in them or move them to a specific mailbox. These modules are incorporated in the protection suites for the corporate market, Panda BusinesSecure and Panda EnterpriSecure, which are available along with the most intelligent technologies for detecting viruses and intruders, TruPrevent(TM) Technologies. Contact your vendor for more information

About PandaLabs

Since 1990, its mission has been to analyze new threats as rapidly as possible to keep our clients safe. Several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc), work 24/7 to provide global coverage. To achieve this, they also have the support of TruPrevent(TM) Technologies, which act as a global early-warning system made up of strategically distributed sensors to neutralize new threats and send them to PandaLabs for in-depth analysis. According to Av-Test.org, PandaLabs is currently the fastest laboratory in the industry in providing complete updates to users (more info at http://www.pandasoftware.com/pandalabs.asp).

(1) The Radicati Group, E-mail Anti-Phishing and Anti-Fraud Market Trends 2004-2008, July 2004. (2) Ponemon Institute, National E-mail Safety and Reliability Survey, July 2005. For more information: Carolina Sanabria Panda Software, USA Public Relations Coordinator Tel: (818) 543-6909 pr@pandasecurity.com

CONTACT: Carolina Sanabria, Public Relations Coordinator of Panda
Software, USA, +1-818-543-6909, pr@pandasecurity.com

Web site: http://www.pandasoftware.com/

• GlazerthePCTech Explains Phishing in The Gainesville Times