Internet Commerce Grows 13.2%

Phishing
Attacks Become More Acute and Globally Diverse. Data comes from VeriSignฎ Internet Security Intelligence Briefing reporting on trends in Internet usage, security, and fraud

HostReview.com
Monday, July 26, 2004; 12:00 AM

London, UK. - July 26, 2004 - VeriSign, Inc. (Nasdaq: VRSN), the leading provider of intelligent infrastructure services for the Internet and telecommunications networks, today released the third edition of the VeriSign Internet Security Intelligence Briefing. This edition highlights Internet usage trends, threat and vulnerability patterns, and best practices to improve enterprise security. The report features a section devoted to the analysis of phishing attacks, a fast-growing category of criminal scams that trick Internet users into disclosing personal information, leading to identity theft.

The briefing underscores the rapid growth in security attacks that have attended the near-continuous growth of e-commerce and Internet-based applications. Among the briefing's findings are:

Internet Usage and Growth
• Internet commerce continued to increase during the past 12 months, with the total dollars transacted by a sample of VeriSign merchant customers increasing an average of 13.2 percent.

• The briefing also measured a continuing pattern of growth in the number of Domain Name Service (DNS) queries, which totaled more than 400 billion per month in the first half of 2004. In total, DNS queries have grown over 1,200% since the height of the so-called "Internet Boom".

• Internet domain registrations, which have historically been an indicator of small-business growth, also continued a pattern of healthy expansion. Registrations of domain names for active Web sites increased by 23 percent for .com and 20 percent for .net during the first half of 2004, as compared to the same time frame in 2003.

Internet Vulnerabilities, Other Security Events, and Fraud
• According to the briefing, there was a noticeable increase in multi-vector worms in the first half of 2004. Such worms can simultaneously exploit several vulnerabilities in one attack, and have a longer shelf life than single-exploit worms. The most effective and potentially damaging example of this breed is called a "phatbot," "agobot," or "gaobot."

• The briefing also notes that exploits are released much more quickly following public announcements of vulnerabilities. This underscores the need for enterprise security managers to be more vigilant in vulnerability assessment, prioritization, and remediation.

• VeriSign detected a rise in the number of security events per device during the first half of 2004, reaching a high of nearly 4,000,000 events during the month of March. Top countries by percentage of fraudulent transactions, determined by the origin of IP address, were led by Cameroon, with 100 percent of transactions determined as risky. Following Cameroon was Nigeria (96 percent), Indonesia (93 percent), and Slovenia (92 percent).

Spotlight on Phishing
• The report highlights the growing problem of this trend, providing examples of phishing exploits as well as guidance on the steps needed to prevent, detect, respond, and recover from such attacks.

• In a sample of 490 phishing e-mails, targeting customers of 16 companies, VeriSign found that 93 percent were sent from forged or spoofed e-mail addresses; 5 percent came from sites making no attempt to disguise their destination, and 2 percent came from "cousin" sites, which closely mimic the company site they are seeking to imitate.

• 37 percent of phishing e-mails directed users to capture sites located outside the United States, with a concentration in Korea, China, Poland, Brazil, Taiwan, Singapore, Australia and Indonesia.

• VeriSign found the majority of phishing attacks were launched between 9:00 p.m. - 4:00 a.m., when IT staffers are often on call or fewer in numbers.

The briefing also notes that phishing attempts are especially difficult to detect due to their sophistication and ability to mimic legitimate communications from businesses. Phishers now lure victims by spoofing addresses and using "browser camouflage" techniques, such as floating a JavaScript window over an address bar. In addition, JavaScript windows can remain installed on a user's browser to record information sent and received while that browser is active.

The briefing, http://www.verisign.com/corporate/briefing, draws from comprehensive data gathered through VeriSign's operation of key Internet Intelligence Infrastructure. The report provides enterprise technology managers and the Internet community at large with a deeper understanding of important Internet usage, security, and fraud trends.

About VeriSign
VeriSign, Inc. (Nasdaq: VRSN) delivers intelligent infrastructure services that make the Internet and telecommunications networks more reliable and secure. Every day VeriSign helps thousands of businesses and millions of consumers conduct commerce and communications with confidence. Additional news and information about the company is available at http://www.verisign.com/.

For more information, contact: VeriSign Media Relations: Brendan P. Lewis, brlewis@verisign.com, 650-426-4470 Text 100 PR: Georgina Boyd, georgina.boyd@text100.nl, +31 20 530 4337 VeriSign Investor Relations: Kathleen Bare, kbare@verisign.com, 650-426-3241