Internet crime gets personal

NEW YORK (CNNMoney.com) -- Internet pirates have begun to turn away from traditional attack modes such as viruses and worms and are increasingly using targeted emails and other techniques to swipe critical personal information, according to an Internet security report released Monday.

The report from Symantec takes note of the relatively new techniques in pointing out that Internet criminals have sharpened their focus toward financial gain rather than simple disruption of operating systems. The company observed increases in phishing, where culprits will solicit users for personal information under the guise of a well-known company's name, and spam, or mass junk emails that advertise specific products, to obtain information that can be used for identity theft.

"Whereas in the past these threats were often used separately, attackers are now refining their methods and consolidating their assets to create global networks that support coordinated criminal activity," said the report, which measured online criminal activity for the second half of 2006.

Among the most vulnerable are those in U.S. government. The public sector accounted for 25 percent of all activity that could lead to identity theft. On an international level, the United States accounted for 51 percent of all such activity.

Tracking the way confidential information is stolen is a new feature to the biannual Symantec (Charts) report. The company said it found government-issued identity numbers among the more popular items that online criminals seek.

"On the very very high end, single e-mails are sent out to individuals, very targeted individuals, where they are looking for specific information," said Vincent Weafer, Internet security expert for Symantec. "When I talk to government users, what's keeping them up at night are these targeted attacks."

The report also found that Microsoft's (Charts) Internet Explorer was the browser of choice in 77 percent of attacks, which is roughly equivalent to its market share, and that 93 percent of all targeted attacks, such as those using phishing or spam, occurred on home computers.

Weafer urged stronger vigilance by individual users to fight Internet crime.

"It's not about just locking your front door if you've got your back door and all your windows open. The basics are the basics - patch your system and keep it updated," he said. "Stay away from the dark alleys of the Internet. Don't go to the crack sites, don't go to the sites that are giving free download software, because you know it's pirated."

Other companies keeping an eye on Internet security include CA Inc. (Charts) and McAfee Inc. (Charts), which recently warned that Tokelau in the South Pacific has the world's most dangerous Web sites, and cautioned users against addresses that have a ".tk" designator.

Microsoft Vista: Should you buy now?

Patching Up the Leaky Corporation