RSS Alerts

Related Links

Related Stories

  • Large majority unable to spot phishing sites
    An overwhelming majority (88%) of UK web users are unable to identify phishing online, according to a study commissioned by internet infrastructure services provider VeriSign.
  • Aussie bank customers hit by advanced phishing techniques
    Customers of the Commonwealth Bank in Australia are being targeted by a new breed of phishers, who seem intent on scamming them out of their e-banking and payment card details.
  • Arbor Networks warns on MIME sniffing-based phishing attacks
    Hiding data within digital pictures - known as steganography in security circles - has been known about for years, but now it appears the darkware community have taken the technology concept one step further and are hiding HTML and Java code calls within images when sending out phishing emails.
  • Big phish-hunters make small tank vulnerable
    PhishTank, a mass-participation website used to track phishing sites, is susceptible to voting fraud by criminals, according to researchers at Cambridge University’s Computer Laboratory.
  • One gang corners the market in phish
    One gang is responsible for more than half of all attempted phishing for the likes of online banking log-in details, and has found ways to extend the lives of its web-sites, according to researchers at Cambridge University.

News

SMEs hit by increasing spear phishing attacks

24 June 2009

A European-based gang behind sophisticated and targeted phishing attacks on small and medium enterprises has returned after a five-month break, says security firm iDefense.

From February 2007 to January 2009, the security firm traced 38 different phishing scams that the gang launched from Eastern Europe.

The gang operates by sending highly personalised e-mails to lure employees mainly of SMEs into opening an attachment containing a Trojan.

The Trojan then captures usernames and passwords and continues to gather information on users' online bank accounts, which the gang later uses to steal money.

Rick Howard, director of intelligence at iDefense, said the latest attacks are similar in style to those seen five months ago, but on a larger scale and using a different Trojan.

Phishing attacks, particularly incidences of spear phishing, increased in volume throughout 2008 and show no sign of abating in 2009, he said.

These types of attacks continue to evolve, said Howard, with phishers able to mimic legitimate web pages much more effectively, making them nearly indistinguishable from genuine sites.

"Phishers are also cloaking fake URLs and launching multiple rounds of attacks from different domains," he said.
 

This article was first published by Computer Weekly.

 

This article is featured in:
Data Loss Internet and Network Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Copyright © 2010
Elsevier Ltd. All rights reserved.
Terms & Conditions | Privacy | Website Design Working with water