The U.S. accounted for 31 percent of malicious activity originating from computer networks, while 10 percent came from China and 7 percent from Germany, Symantec said in its Internet Security Threat Report.
The company also found that 51 percent of all known servers used by attackers to buy or sell stolen personal information, such as credit card or bank account numbers, are located in the U.S.
U.S.-based credit cards, with accompanying verification numbers, were found to be selling for $1 to $6 each on these servers. But a more thorough roundup of personal-identification data--including a person's birthdate and banking, credit card and government-issued identification numbers--fetched $14 to $18, the report noted.
Internet thieves increasingly are turning to Trojan-horse software, which can load keylogging software onto unsuspecting victims' computers. The software is able to harvest people's log-in names and passwords to various accounts and can glean other sensitive information people type into their computers.
Trojans accounted for 45 percent of the top 50 malicious code samples collected by Symantec during the second half of last year, up from 23 percent in the previous six months. Symantec noted that that significant jump further reflects a movement away from mass-mailing worms--programs that spread software viruses and clog networks.
Phishing, an attempt by attackers to trick people into revealing personal or financial information, largely occurs during the weekday, the report noted. Many phishing attacks begin with an e-mail that appears to be from a legitimate source but in fact contains a malicious attachment or includes a link to a malicious Web site. During the second half of the year, a daily average of 961 phishing e-mails were sent to people on weekdays; 27 percent fewer phishing messages were sent out on weekends.
