The worldwide economic damage caused by the Mimail family has surpassed $9 billion, when factoring in business interruptions and productivity losses, according to London-based mi2g, a digital risk management company. Mimail now is only preceeded by Sobig, Klez and Yaha. The Swen virus has been bumped to fifth place.
''Five years ago, hackers and virus writers carried out most of the attacks to demonstrate intellectual prowess,'' says D.K. Matai, executive chairman of mi2g. ''The metamorphosis in motives has definitely been towards financial fraud and extortion activity.''
Mimail-I and Mimail-J are viruses aimed at carrying out a ''phishing'' scam. Both try to induce users of PayPal, owned by eBay, to enter their credit card information into a pop-up window. The victim has to click on an attached program to activate the virus and Mimail-J also asks for a Social Security number and mother's maiden name, two key pieces of data essential for identity theft.
The Mimail virus hit the wild in August, which has been designated as the worst month in history for digital attacks. Sobig-F and the Blaster worms created great turmoil in the on-line world.
In August, viruses, along with overt and covert hacker attacks, caused $32.8 billion in economic damages, according to another report from mi2g, The Sobig virus alone accounted for $29.7 billion of economic damages worldwide.
Sobig has held onto its top position on the infamous list, causing an estimated $36.1 billion in damages. Klez, holding the second ranking, has accounted for $18.9 billion in damages, and Yaha has taken third place with $11.1 billion worth of damages.
The recent Mimail viruses are a refined version of an online scam known as ''phishing'' in which malevolents send emails that appear to come from a major bank or company. The criminals' email directs the user to divulge personal identity information. In most cases of similar banking scams, victims have been directed to enter their data into a look-alike Web site. Mimail's use of an executable program that collects and sends the data back to the attacker makes it difficult for victim companies to stop the scam swiftly by calling on internet service providers (ISPs) to shut down a particular web site.