Online Crime Complaints Down, Botnet Numbers Way Up

/ Source: SecurityNewsDaily

Complaints about Internet criminal activity dropped 10 percent last year, even as the number of computers hijacked by botnets shot up more than 600 percent. Computer users may be getting savvier, but security experts think online criminals are scurrying to find new methods of attack.

U.S. citizens reported 303,809 instances of online criminal activity in 2010, down from 335,655 the previous year, according to the Internet Crime Complaint Center’s (IC3) 2010 Internet Crime Report.

IC3 logged an average of 25,317 complaints per month in 2010 to its website, The majority of complaints (14.4 percent) concerned non-delivery of payment or merchandise. Scams using the FBI’s name accounted for 13.2 percent, while 9.8 percent of complaints were about identity theft.

Although the 2010 stats rank as the second-highest in the IC3’s 10-year history, experts speculate that last year’s sharp drop is a telling indicator of the average computer user’s growing security awareness.

On the other side of the coin, as the Internet population — companies and online merchants included — gets savvier, online criminals find new routes of attack, or adapt old ones to meet the challenge of better-informed victims.

The Top 10 Botnet Threat Report – 2010, from the security firm Damballa, shows that the total number of PCs enslaved by botnets grew by 654 percent.

A botnet is a large number of Internet-connected computers that have been infected by malware which links them together to form a network, which then is in turn used to send out spam, launch attacks against targets or distribute other forms of malware.

The “zombie” machines are often ordinary home or business PCs whose owners have no idea they’ve been hijacked.

Botnet software was found on on more than 35 percent of all the computers Damballa monitored, as the technology blog Dark Reading pointed out. Many machines had more than one sort of botnet malware.

Damballa security researchers said many botnet operators were now using their zombie computer armies to steal data.