The Latest in IT Security

New attack vectors leading to digital pickpocketing of digital wallets


AVG’s latest Q3 2011 Community Powered Threat Report has highlighted the prevalence of a new breed of cybercrime attacks being launched against users’ ‘digital wallets’ to target the new credit currencies in widespread usage on the Internet. As individual users and businesses alike now start to trade in the ‘currency of the web’, cyber criminals are targeting Facebook Credits, Xbox Points, Zynga Coins, SecondLife Lindens and, specifically, mobile phone bills.


This emerging trend has initially targeted ‘low hanging fruit’ among the consumer community, but its upward growth to digital payment technologies used by businesses is part of this growing development. After all, cybercrime is a billion pound business and the e-crime unit of the UK’s Metropolitan Police has reported its prevention of ?140 million in cyber-theft over the last six months alone.

Mobile technologies form a central part of this fast developing threat. Users are at an increased risk of downloading Trojans onto their smartphones today; and cybercriminals are using text messaging to target users with malware that is capable of sending out dozens of texts to premium rate services and ‘harvesting credit’ in this way.

Criminals are similarly collecting business people’s smartphone numbers from corporate websites and signing up these users to illegitimate services that direct them to other premium priced money-gathering endpoints. With corporate smartphone accounts often being paid for by the employee’s company, this type of attack can go undetected for weeks or months – hence, this truly is a multi-billion pound problem.

A spiraling number of attacks have also been identified on the Android mobile operating system, which has seen user’s phone conversations digitally recorded and subsequently analysed. The data from calls to banks or information given over to confirm credit card details is then used to carry out sophisticated identity theft attacks on users and company’s bank accounts. This occurrence has even led to cases of blackmail being experienced.

How much of this data analysis is being carried by automation technologies such as voice recognition software is hard to gauge at this stage, but we can say with certainty that the ‘automated collection of stolen monies’ is happening. Other key threats highlighted in the AVG Q3 2011 Community Powered Threat Report include malware disguised as legitimate anti-virus scanners, hacking toolkits that anyone can buy and the malware-laden Angry Birds Rio Unlocker app.

Companies and individuals should be aware of these highly automated and extremely costly money-gathering techniques, which can result in big payoffs for the thieves currently perpetrating these cybercrimes.

The AVG Community Powered Threat Report is made possible by AVG’s Community Protection Network, our online neighbourhood watch, which helps protect participating users while documenting new threats as they appear on the web. The full report can be downloaded via this link AVG Community Powered Threat Report – Q3 2011.

Avg Community Powered Threat Report Q3 2011

View more documents from AVG Technologies.

Leave a reply



Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments