|
|
|
Cyber criminals get to grips with DIY phishing nets
The number of phishing attacks and websites has surged to an all-time high thanks to the growing problem of 'crimeware' kits being sold online.
This was the warning from the Anti Phishing Working Group (APWG) , which said the kits allow non-technical criminals to start up their own online criminal empires.
All the information they need to set up phishing emails or websites infected with malware, such as Trojans, viruses and worms, is contained in the kits bought and sold online.
After people are either lured to a phishing website, or open a link that downloads malware to infect their PC, the criminals will steal personal details such as names, passwords and bank account details.
This DIY approach has helped fuel the rise in phishing attacks over the past year, said the APWG. The organisation, which released its Project: Crimeware report today, said the number of unique phishing attacks this June was nearly 13,500 more than in June 2005.
The number of unique phishing websites had also more than doubled from 4,380 in June 2005 to 9,255 this June.
"The kits allow non-technical criminals to infect websites with malicious exploit code with the intent of running it upon users visiting a website," said Dan Hubbard, vice-president of security for Websense which carried out the research for the APWG .
"We have seen the most password-stealing malicious-code URLs tracked to date. We attribute this to the advancement of monetary gain that is being made by utilising crimeware applications and websites.
This is also attributed to the increased use of exploit kits being sold and bought on the internet," he continued.
APWG's news comes days after another security organisation Messagelabs warned that cyber criminals were increasingly getting close and personal.
Its August 2006 global malware report said phishing attacks are increasingly aping customer or victim relationship management techniques of legitimate businesses.
"The latest wave of phishing attacks uses social engineering techniques by harvesting personal data from social networking sites such as Myspace," said Mark Sunner, chief technical officer at Messagelabs.
"You will be sent an email personally addressed to you from your bank with your correct address and postcode," he explained.
Related articles
Email providers including Google, Microsoft and Yahoo form an alliance with the aim of developing a common authentication standard to help identify phishing emails
Security company warns Twitter users the information, including email addresses, they post in conversations can make them vulnerable to cyber crime
Our top tips range from creating Youtube playlists and multiple Amazon wish lists to search-engine help and which website to visit to report phishing attacks
Q.How do I store musician and other information about...
Q.Why can't my browser find the website address I typed...
Q.All updates have been downloaded, so why won't Windows...
What the web knows about you
20 of the best memes
How to make your computer run more quietly
Choose Gold, Silver or Bronze membership
Save up to 40% on the cover price of each issue
Get access to the subscriber club exclusive website
Our price won't be beaten by any shop or website
Confused by Microsoft’s Windows Live Service? Our Back to Basics explains everything Live Essentials has to offer and what's worth it and what's not
|
|
|
|
|
Nikon Coolpix S570 BlackPrice: £66.99 |
Computeractive Ultimate Guide - Storage, Sharing & BackupPrice: £5.99 |
Back Issue CD-Rom 13 (2010)Price: £14.99 |
Hallmark Card Studio DeluxePrice: £15.31 |
Marine AquariumPrice: £15.41 |
