HOW BIG IS THE PROBLEM?
• Anti-virus vendors report receiving 60,000 new malware samples every day
• Approximately 1500 new malware sites are created per day
• Sixty-percent of top Google search terms return malicious sites within the
first 100 results
WHY DO THEY DO IT?
• Canadian Pharmacy spam campaign can net $16,000 per day
• Affiliate webmaster redirecting to a scareware site can net $180,000 a year
• Credit card information sells for $15 to $200 (at the higher end if it includes
the PIN)
• Botnet rental runs as little as $10 - $65 per hour
• One million e-mail address can be purchased for $20 - $100
• Complete set of data on a US resident is only $5 to $8
• A continuous 24-hour Botnet for DDoS attacks can be launched for as little
as $50
• Stolen bank account details goes for $1 to $1,500 depending level of detail
and balance
HOW DO THEY DO IT?
They do it by exploiting weaknesses in common software like Internet Explorer, Microsoft Office, Adobe Reader, Adobe Flash and Java. Software developers have created “crimeware” applications designed to exploit known weaknesses in software on the target computers. The malware is delivered in numerous ways:
• A pop-up in your web browser saying you have a virus
• In a pdf or poisoned Microsoft Office email attachment
• A link in a FaceBook message
• A link your Google search results
• A contaminated USB drive
• Inside a free game or download
• Poisoned ads on prominent websites
• Through security weaknesses in old, un-patched software
