Phishing for Dollars... if they can... they will

by Fred Showker

You've heard it before: "If they're intent on breaking in, they're going to break in. You can't stop a good criminal."

With browsers, web sites and financial institutions becoming more and more anti-phishing savvy, organized online crime also raises the bar.

For the first time, phishing attacks have outnumbered e-mails infected with viruses and Trojan horse programs. It must be working.

Phishing is getting much more sophisticated, as illustrated by another eBay knock-off that hit Germany on Thursday. The email claims that a direct debit order could not be processed and asks users to double-check their account details and enter the correct ones. That's not so bad. However, clicking executes the attachment ('bill.exe'), which initiates a malicious code download that hides in the background while the web page displays a PDF file.

TMCnet's Raju Shanbhag explains the new "two-factor authentication":
      "Two-factor authentication involves the user entering pseudorandomly generated codes and a password. This method of authentication was developed after hackers used keyloggers to get the password and broke into the accounts. This pseudorandomly generated code can be used only once."

But just about as fast as the banks can protect themselves, online crime and terrorists program around it...

Raju continues...
      "The hackers have found a new workaround for this authentication tool. The man-in-the-middle attack hijacks a user session and users are lured into visiting a spoofed portal. This portal is hosted on a compromised machine and once the information is entered, such bank details and codes are relayed to the real bank site. Once the users have validated their identity on the real system by way of the compromised relay, hackers take over the session."

Most people think it can't happen here, but it's getting harder and harder to tell the difference between the good and the evil...
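
Why one-time codes stop a keylogger's later replay but not the real-time relay described in the quote above, shown as an added example (not from the original article or from TMCnet) using a toy bank model. The origin-bound check goes beyond the article to show the general idea behind phishing-resistant authenticators; the `Bank` class, `sign` helper, password, codes and origins are all constructed assumptions.

```python
import hashlib, hmac, secrets

def sign(key, challenge, origin):
    """User-side token (assumed): MACs the challenge with the origin the browser is on."""
    return hmac.new(key, f"{challenge}|{origin}".encode(), hashlib.sha256).hexdigest()

class Bank:
    """Toy bank: password plus one-time codes, and an origin-bound alternative."""
    ORIGIN = "https://bank.example"  # constructed placeholder

    def __init__(self, password, codes, device_key):
        self.password = password
        self.unused = set(codes)       # each code is valid exactly once
        self.device_key = device_key
        self.challenge = None

    def login_otp(self, password, code):
        # The bank sees only the values, not the page they were typed into.
        if password != self.password or code not in self.unused:
            return False
        self.unused.discard(code)
        return True

    def new_challenge(self):
        self.challenge = secrets.token_hex(16)
        return self.challenge

    def login_bound(self, password, response):
        # Expected response covers the bank's own origin, not just the challenge.
        expected = sign(self.device_key, self.challenge, self.ORIGIN)
        self.challenge = None          # challenges are single-use too
        return password == self.password and hmac.compare_digest(response, expected)

def demo():
    key = secrets.token_bytes(32)
    bank = Bank("hunter2", {"481516", "234200"}, key)   # constructed values
    out = {}
    out["first_use"] = bank.login_otp("hunter2", "481516")
    out["replayed_later"] = bank.login_otp("hunter2", "481516")   # keylogger case
    # Relay case: values forwarded at once from a look-alike page look genuine.
    out["relayed_otp"] = bank.login_otp("hunter2", "234200")
    # Same relay with an origin-bound token: response was computed for the wrong origin.
    c = bank.new_challenge()
    out["relayed_bound"] = bank.login_bound("hunter2", sign(key, c, "https://bank-login.example"))
    c = bank.new_challenge()
    out["direct_bound"] = bank.login_bound("hunter2", sign(key, c, Bank.ORIGIN))
    return out

if __name__ == "__main__":
    print(demo())
```

The one-time property only rejects `replayed_later`; `relayed_otp` succeeds because nothing in the code ties it to the site where the user entered it.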

Raju continues...
      "To make the phishing e-mails more believable, they are becoming more personalized. While earlier attackers just sent phishing e-mails to a randomly selected list, nowadays these messages contain details about the banks, which the receiver actually uses. Also, many phishing Web sites are now using Flash content rather than HTML to escape anti-phishing technology deployed in modern Web browsers."

Read: Hackers' Favorite Phishing: spam version, or print version.

Here's an excellent podcast from CNET: Joris Evers and CNET's Robert Vamosi give their take in this week's Security Bites podcast: Phishing overtakes viruses, Trojan horses
(Listen to the PodCast MP3)

Fortunately the implementation and deployment of IPv6 will cure all this. But when it's become standard, I have a gut feeling that organized online crime will break that too.

Thanks for reading...

Fred Showker

Fred Showker, Editor, Graphic Design & Publishing

30th Anniversary for DTG Magazine
