The latest briefing covers Internet usage, e-commerce and fraud trends during the period of January 1, 2005 to March 31, 2005, with a specific focus on phishing and pharming attacks. Salient highlights from the new briefing include: Internet Usage and E-Commerce Continue Surge.

Despite new and existing threats to networks, enterprises and users, Internet usage continues to grow at a rapid pace. In the first few months of 2005, the strong demand for domain names continued, with new registrations for the .com generic top-level domain (gTLD) growing over 29 percent, and the .net gTLD growing 23 percent over 2004. Other interesting facts on Internet traffic include the following:

• In tracking more than 135,000 online merchant customers over the last 12 months, VeriSign observed that the number of e-commerce transactions has grown 31 percent.
• On a quarterly basis, the average e-commerce transaction value increased 4 percent, from $144 in Q4 2004 to $150 in Q1 2005.
• Transactions settled by VeriSign Payment Services, which represents roughly 37 percent of North American e-commerce, reached new records in Q1 2005 with a total volume of 71.29 million transactions with a total dollar value of $10.69 billion.
• During the first quarter of 2005, 84.9 percent of attempted fraudulent transactions originated from computers in the United States. Canada was second with 5.2 percent, followed by the Great Britain (1.1 percent), Australia and Germany (.9 percent) and Japan (.7 percent).
• VeriSign servers facilitated 1.043 trillion DNS queries during the first quarter of 2005, 14 percent greater than the 918 billion VeriSign processed queries in the first quarter of 2004.
• The number of active VeriSign SSL Certificates worldwide in Q1 2005 climbed 12 percent over the same period in 2004.

New Security Threats - Phishing and Pharming

The latest report outlines how cyber criminals, notably Phishing gangs, have begun employing more sophisticated tactics in response to anti-phishing countermeasures. The most dangerous new tactic is "pharming," which is an indirect attack that attempts to intercept communication of personal data between a user and a genuine enterprise Web site by installing spyware on computers, or by subverting some part of the Internet infrastructure, such as the DNS.

On March 16, 2005, VeriSign detected an attack against DNS servers that was potentially an attempt to poison the DNS cache - one of the means to carry out a pharming attack. This attack was indicated by a 300 percent up-tick in probes of DNS servers, and coincided with users of certain Web sites being redirected to a malicious Web site that distributed spyware and adware.

To protect against phishing and pharming attacks, the ISIB recommends that IT administrators take the following actions:

• Ensure that pages containing forms for entering username and password data be secured via SSL.
• Ensure that domain names are "locked" by their registrar to prevent unauthorized modification or transfer.
• Ensure that all DNS server software is up-to-date and configured securely.
• Implement a Phishing takedown response service to eliminate the capture sites used by pharmers and phishers alike.

Additionally, to help solve the Phishing problem, the ISIB encourages ISPs and software vendors to accelerate the adoption of the following standards:

• The DNS Security (DNSSEC) specification, an Internet Engineering Task Force (IETF) proposed standard for using cryptography to secure the DNS
• Secure Internet Letterhead, in addition to the basic browser "padlock," to indicate the authenticity of a Web connection beyond assuring visitors of the strengths of encryption.

"Despite the threats, users across the globe are still using the Internet as an essential tool for business and personal use. This is a continued reflection of the confidence merchants and users can have in online transactions when appropriate security protections are taken," said Judy Lin, executive vice president and general manager, VeriSign Security Services. "For example, the number of VeriSign Secured Seal verifications soared more than 225 percent between May 2004 and May 2005, indicating demand among Web site operators for the greater security, and the increasing propensity of online shoppers to conduct transactions only with Web sites secured by trusted sources."

The ISIB draws on comprehensive data gathered via VeriSign intelligent infrastructure, including DNS services, digital certificates, Managed Security Services (MSS), Payment Services and Fraud Protection Services.

The purpose of this briefing is to help the Internet community and enterprise technology managers to gain deeper insight into evolving trends in Internet usage, security and fraud.