Dissimilar systems will be more or less vulnerable in
different phases, and for each of those systems successful attack
schemes have emerged. The bestiary of software classes speci?¬?-
cally designed for malicious purposes has grown so much that
we now use a collective name, malware, for indicating the likes
of worms, Trojan horses, key loggers, spyware, and so on. The
sections that follow by no means constitute a complete list but
Identity theft takes
different forms
depending on the
context
There are many
moments during
which identity
information can be
under attack
The Advent of Pro?¬?table Digital Crime 17
have the purpose of showing the extent and the nature of what
we are dealing with.
Attacks in the Information-Entering Phase
The attacks in the information-entering phase are probably the
most common, and they have a very good chance of being successful.
They are carried out on the basis of two alternative principles:
record the moves of the user without his knowledge or
trick the user into entering sensitive data in the wrong place.
Remember our description of worms and viruses? We stated that
such software can execute arbitrary code on the victim??™s machine;
well, it turns out that one of the most pro?¬?table things
one can do is record key strokes.
Pages:
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55