29.01.2010

Memorandum on data-stealing malware published

CERT-FI, which functions as the Finnish national Computer Emergency Response Team within the Finnish Communications Regulatory Authority (FICORA), has published a memorandum whose objective is to increase the overall awareness of electronic service users about cybercrime aiming at data-stealing as well as theft protection methods. Over the period of 1 January 2008 to 31 August 2009, CERT-FI received about 1,800 notifications from Finnish internet users who had become victims of data-stealing malware.

The memorandum discusses the implementation methods of cybercrime and the opportunities CERT-FI has for action. The objective of this is to make it easier for other players to make use of the tools and data material CERT-FI has in combating against cybercrime and the damages caused by it.

Also, CERT-FI is regularly informed of other information security incidents aiming at stealing data from users. Typically, they try to steal information from users by using phishing or other methods based on deceiving the user. In one case, data was stolen directly from providers of electronic services.

Advice on how to prevent data thefts

The memorandum includes general guidelines on the procedures users may apply in order to prevent data thefts in advance. Moreover, the guidelines also describe the procedures recommended for data theft victims.

More on the subject:

Memorandum on data-stealing malware in Finnish. An English translation will be provided later.

Further information:

Erka Koivunen, Head of CERT-FI, tel. +358 9 6966 737, +358 40 309 8094

Jarkko Saarimäki, Key Account Manager, tel. +358 9 6966 456, +358 40 836 0397.