SINGAPORE, May 14, 2014 – Today, Microsoft Corp. released new data indicating that as attacks against software are becoming more difficult and expensive, cybercriminals are increasingly turning to deceptive tactics for malicious purposes such as stealing people’s personal and financial information. In the last quarter of 2013, the number of computers that had to be disinfected as a result of deceptive tactics more than tripled.
This increase in deceptive tactics corresponds with a 70 percent decline in the number of severe vulnerabilities exploited in Microsoft products between 2010 and 2013. This is a clear indication that newer products are providing better protection. Additionally, the increased adoption of several key security mitigations across the industry are making it more difficult and expensive for cybercriminals to develop software exploits.
“Keeping cybercriminals on the run requires a robust security strategy,” said Tim Rains, Director, Trustworthy Computing, Microsoft Corp. “The safest houses don’t just have locked doors, they have well-lit entry points and advanced security systems. It’s the same with computer security—the more we layer our defenses the better we are at thwarting attacks.”
According to Microsoft’s new data, one of the most common tactics used was deceptive downloads. These downloads were identified as a top threat in 95% of the 110 countries/regions that Microsoft’s data examined.
The top three deceptive threats in Singapore during the fourth quarter of 2013 were:
- Rotbrow;
- Brantall; and
- Obfuscator
Cybercriminals lure their victims with deceptive downloads by bundling malware with legitimate downloadable content such as software, music or videos found online. While the threat of deceptive downloads is on the rise, their impact is often not seen right away. Infected machines often continue to function, and the only observable signs of the malicious download might be a slower computer or unexpected search results popping up in a browser. Over time, fraudulent activities such as click fraud generated from the infected computer can tarnish an individual’s online reputation.
While deceptive downloads were identified as one of the most prevalent tactics used worldwide, ransomware is another deceptive practice that continues to affect people and can be devastating for those victimized by it. Ransomware often pretends to be an official-looking warning from a well-known law enforcement agency. It accuses its victim of committing a computer-related crime and demands they pay a fine to regain control of the computer. Ransomware is geographically concentrated, but for cybercriminals looking to make a quick profit, the data shows it is an increasingly alluring tactic. In fact, the top ransomware threat encountered globally increased by 45 percent between the first half and the second half of 2013.
In light of this new information on cyber-threats, Microsoft advises customers take a few actions to help keep themselves protected, including: using newer software whenever possible and keeping it up to date, only downloading from trusted sources, running antivirus, and backing up files.
Microsoft releases its cybersecurity report twice a year, which culminates data from more than a billion systems worldwide and some of the busiest online services. The report provides an in-depth analysis on the latest threat trends for 110 countries/regions worldwide and is designed to help inform people about the most prevalent global and regional threat trends so that they can better protect themselves and their organizations. Key findings from Volume 16 of the report includes new data from the second half of 2013.
To learn more about the report findings visit www.microsoft.com/sir.
###
About Microsoft
Founded in 1975, Microsoft (Nasdaq “MSFT”) is the worldwide leader in software, services, devices, and solutions that help people and businesses realize their full potential.