It's a well known fact that computer (or cyber-) crime is a big business today. It's been a long time since attacks were carried out by amateurs who were looking for a thrill. Today, there are large, well organized, organizations whose business is cybercrime. Their business includes selling cybercrime tools (e.g., for spamming or infecting machines with malware), stealing credit card numbers and reselling them, attacking banks in order to transfer funds to offshore accounts, and much much more. A short article summing up 2008 can be found in NetworkWorld (12/15/2008), and a more thorough and detailed description can be found in Aladdin's AIRC (Attack Intelligence Research Center) threat report. To keep up to date, I strongly recommend reading the AIRC blog as well.

So, if this is so well known, why am I commenting on it? The reason is that despite the above, user awareness regarding computer security is still horribly low. Worse still, many corporate organizations are still deploying very low-security measures. So, even though it's well-known, it's helpful to remind everyone...