Inside Cybercrime


As much as Leopard security is near and dear to our hearts, there’s a bigger picture to look at. The San Jose Mercury News has begun an excellent series that goes into details of the multi-billion dollar, mainly foreign-run cybercrime industry. If you weren’t paranoid about security before, you will be now! Even worse, although compromised Windows machines are used as the main tools of this trade, Macs are just as vulnerable to its effects.


The first part of the series, “How online crooks put us all at risk” starts out in Russia, focusing on the $100 million “Rock Phish” cybercrime “start-up,” which may be responsible for half the phishing sites worldwide. The article details how cybercrime has literally become big business:


> Their two-year rise might be the greatest success story of the former Eastern Bloc's high-tech boom - if only it weren't so illegal. But the cash may be coming from your bank account, and they could be using the computer in your den to commit their crimes.


Echoing what we say in the latest version of our book, the article goes on to indicate:


> During the past few years, a professional class bent on stealthy online fraud has transformed Internet crime, rendering obsolete the hobbyist hackers who sought fun and fame.


Another part recalls the poker maxim “if you can’t spot the mark at the table, it’s probably you”:


> The Internet has handed post-modern swindlers an endless supply of marks, and cheap tools to attack millions with a single click.


In talking about those tools, it then alludes to the modern-day evolution of what used to be “script kiddies”:


> Even the least technical crooks can launch phishing campaigns or control a network of millions of hacked computers at the touch of a button, by purchasing do-it-yourself cybercrime kits. For about $1,000 on underground sites, you can buy MPack, a full-service malware attack and distribution kit, which lets you host a Web page that infects any user who visits. Owners can even monitor the number, type and location of infections from MPack's handy console page.


The article then provides an excellent overview of the process from there:


> An organized crime syndicate might buy a trove of e-mail addresses culled from a data breach; spam out e-mails with a Trojan attached; absorb recipients' computers into a botnet that it rents out to a phishing group, which sends its own e-mails purporting to be from a major bank, asking users to log onto sites hosted on a different botnet; and then the phishers steal money from those accounts and launder them through mules, with everyone taking a cut of the proceeds.


Finally, as supporting detail, the article even supplies a scary blow-by-blow account of how Rock Phish allegedly does its dirty work:


> Rock Phish takes advantage of a division of labor that didn't exist among hacker groups even a few years ago... one member planning attacks while others schedule the work or oversee operations... Rock Phish's e-mail campaigns... rely heavily on botnets, short for "robot networks," to confuse victims and evade cybercops. Each botnet is an army of zombie PCs... launching new rounds of malicious attacks... Armed with information from computer users who respond to the group's phishing scams, Rock Phish logs into their online bank accounts. Rock Phish then transfers money from victims' accounts to the accounts of money mules. These unsuspecting assistants have been hired by phony Rock Phish companies that sport innocuous names... They are instructed to withdraw the cash and wire the money, less a commission, back to their employers... Despite the huge aggregate revenues flowing into the coffers of Rock Phish, it survives at least partly because its founders aren't too greedy. Like many of the most successful cyberschemes, the group spaces out its attacks, launching campaigns against a bank for several days, then moving on to another institution.

Monday, November 12, 2007
