Threat Map Provides Insight Into the Evolution and Advancement of Electronic Crime

SAN DIEGO, Jan. 23 /PRNewswire-FirstCall/ -- Websense, Inc. (Nasdaq: WBSN - News), the world's leading provider of employee internet management solutions, announced today an interactive Global Phishing and Crimeware Threat Map from Websense® Security Labs(TM). The Phishing and Crimeware map displays the most recent data collected by Websense Security Labs and provides a historical look into where phishing and crimeware related websites are hosted on the internet. Upon discovery, each site is looked up via its IP address to track the country of origin through the appropriate IP registrars and plotted on the map.

The Global Phishing and Crimeware Threat Map enables visitors to view the location of phishing and crimeware sites on an interactive map of the world. The data is updated by Websense Security Labs approximately 15 minutes after discovery. Visitors may search threats around the globe by geographic region, date and threat types.

The Threat Map gives a clear illustration of the advancement of fraudulent activity as criminals' branch into new countries to deploy and house attacks. Over the past few months, Websense Security Labs has seen a major increase in the number of phishing and crimeware related websites in the Republic of Korea and China. The United States continues to be the top country of origin for criminal activity on the internet.

In addition to highlighting trends and security events, Websense Security Labs has also begun publishing a security blog available to visitors. Supported by Websense Security Labs alerts, the blog serves as an additional news source designed to deliver the most current information about breaking security research topics.

"In less than a year's time, we have seen phishing techniques evolve from what would appear to be done for bragging rights between hackers to what is now full fledged electronic crime," said Dan Hubbard, senior director of security and technology research for Websense, Inc. "As we continue to discover new crimeware techniques, our customers are rapidly protected by automatically blocking access to dangerous websites and locking down desktops to stop any form of malicious code from executing."

In conjunction with the availability of the Threat Map on www.websensesecuritylabs.com the map will also be viewable through the Anti-phishing Working Group (APWG) at http://www.antiphishing.org/crimeware.html. The APWG is the global pan-industrial and law enforcement association focused on eliminating the fraud and identity theft that result from phishing, pharming and email spoofing of all types.

Starting in June 2005, Websense Security Labs, in conjunction with the APWG, started Project Crimeware. The APWG defines crimeware as a genus of technology distinguished from adware, spyware and malware by the fact that it is, by design, developed for the single purpose of facilitating a financial or business crime.

"Project Crimeware was started because we were witnessing a shift in internet attack styles from simple phishing for credit card information to drive-by downloads of keyloggers and other malicious code," said Dave Jevans, chairman for the APWG. "The Global Phishing and Crimeware Threat Map supports this project and serves as great resource to each of our 2,000-plus members. Our members, the security community, and consumers alike are now able to follow the proliferation of phishing technology and crimeware through time and geographical regions."

Websense Security Labs mines and analyzes over 70 million sites daily for malicious mobile code (MMC) and hacks. The team manages a global honeynet of unprotected computers to discover MMC, new Trojan horses, keyloggers and blended threats. The findings are used to study their techniques, actions, and behavior on an enterprise network system. Information gained provides valuable information that enables Websense Security Labs to discover attacks quickly and deliver a remedy to Websense customers before antivirus signatures are available, thus closing a critical opportunity for exposure.

Websense software is available for organizations who wish to protect themselves from internet and application security threats. For a free 30-day evaluation of Websense software or for more information on protecting your organization from a wide range of threats including spyware, peer-to-peer, virus outbreaks and internal hacking exploits, please visit www.websense.com. Websense Security Labs offers free email security updates as new internet threats are discovered and is available at www.websensesecuritylabs.com. The new Websense Security Labs blog is available at http://www.websensesecuritylabs.com/blog/ and can also be obtained via RSS feed.

About the Anti-Phishing Working Group

The Anti-Phishing Working Group (APWG) is an industry association focused on eliminating the identity theft and fraud that result from the growing problem of phishing and email spoofing. The organization provides a forum to discuss phishing issues, define the scope of the phishing problem in terms of hard and soft costs, and share information and best practices for eliminating the problem. Where appropriate, the APWG will also look to share this information with law enforcement.

Membership is open to qualified financial institutions, online retailers, ISPs, the law enforcement community, and solutions providers. There are more than 1300 companies and government agencies participating in the APWG and more than 2100 members. Note that because phishing attacks and email fraud are sensitive subjects for many organizations that do business online, the APWG has a policy of maintaining the confidentiality of member organizations.

The website of the Anti-Phishing Working Group is http://www.antiphishing.org. It serves as a public and industry resource for information about the problem of phishing and email fraud, including identification and promotion of pragmatic technical solutions that can provide immediate protection and benefits against phishing attacks. The analysis, forensics, and archival of phishing attacks to the website are currently powered by Tumbleweed Communications' Message Protection Lab.

The APWG was founded by Tumbleweed Communications and a number of member banks, financial services institutions, and e-commerce providers. It held its first meeting in November 2003 in San Francisco and in June 2004 was incorporated as an independent corporation controlled by its steering committee, its board and its executives.