‘Tis the season for hackers, spammers, spyware purveyors, crackers, and other cybergrinches to be jolly. Especially with brand new computers turning up under the Christmas tree like any other toy.
"People want to get on the Net right away, just like they want to put together and start using any Christmas present," said Hewlett-Packard chief technology officer Tony Redmond to reporters. "They should be warned that the Net is a very, very dangerous place."
Experts at Redmond’s company, Dell, IBM, and other computer and software makers and Internet providers say the winter holidays are nothing if not prime hack and crack season—even, they say, if the first place you think of going when you put that new computer on the Internet is a place to update your security patches.
Holiday mischief makers began couching their mischief in holiday-themed e-mails, screen savers, greeting cards, and advertising messages at least prior to Thanksgiving, but began ramping them up in earnest as Christmas approached. And not even men of the cloth were immune. Indylink.org help desk coordinator Kris Murphy told reporters his minister was attacked in the 2003 holiday season, barely moments after unpacking and connecting his machine and trying to update Windows patches.
"Hackers know that you are most vulnerable as soon as you go online for the first time," Murphy said. "Inexperienced people tend to fall into traps more readily because they don't recognize that this guy might be trying to get your credit card information."
Consumer Reports recently reported 36 percent of American home computer users surveyed showed signs of spyware infection and 41 percent said they tried to prevent it.
An analyst at Sophos, the British antivirus and security company, urged consumers to get hold of CD-ROMs with the newest security updates from their vendors or even their office computers before they even think about putting that new computer online. Tony Ross also urged parents to bar children from using the new family computer until it’s completely patched, on grounds that kids aren’t as edgy as their parents about passing their personal information around.
"At some point,” Ross was quoted as saying, “people who receive (computers) for Christmas often ask, 'Is this computer a gift or a curse?"'
That question is likely to become a lot more serious and frequent as 2005 gets underway, with other reports saying those whose job it is to track viruses and mischief in cyberspace think the hackers will turn the Internet into a nastier, greedier place.
"One of the biggest trends we see,” said Symantec director of global analysis Brian Dunphy, “is a shift in the attackers intent to financial gain and making money on the deal." He said phishing scams—e-mails and Web pages faked to resemble actual company sites and literature but looking to trick you into surrendering personal financial information—may have been rare a year ago but have become explosive when it comes to frequency and press attention.
Dunphy and Symantec believe the U.S. remains the prime source for hackers, crackers, and phishers, but such activity is rising in Europe and the Asian Pacific.
And the phishers never miss a chance to alter their tactics, either. Chicago Tribune financial columnist Lorene Yue said December 26 that phishers have now been spotted trying to trick the gullible by claiming—on behalf of the companies whose e-mail and pages they fake—that software glitches wiped out their databases, and unless you’d like your account suspended you’d best log in at a link provided by the phishers.
“Of course, the whole thing is a fraud, in spite of the cleverly disguised logos and quasi-official language. Fall for the scam, and your money will disappear,” Yue wrote. “The bottom line: Steer clear of online solicitations for personal information.”
