30% off Inspiron laptop purchases
January 30, 2007 12:09 PM PST
Phishing overtakes viruses and Trojans
- Related Stories
-
IBM donates new privacy tool to open-source
January 25, 2007 -
MySpace sues 'Spam King' Richter
January 22, 2007 -
Cyberthreat experts to meet at secretive conference
January 22, 2007 -
Swedish bank hit by 'biggest ever' online heist
January 19, 2007 -
Police maintain uneasy relations with cybervigilantes
January 17, 2007 -
AOL phisher faces up to 101 years in prison
January 16, 2007
Security mail services vendor MessageLabs reported on Monday that in January 2007, one in 93.3 e-mails (1.07 percent) comprised some form of phishing attack. There were fewer e-mails--one in 119.9, or 0.83 percent--infected with viruses.
The difference in the ratio of phishing to virus attacks is partly due to virus attacks becoming more targeted and no longer occurring as one large outbreak. This includes the recent Storm worm and Warezov attacks, according to MessageLabs.
"If you look at infected e-mail traffic for January, it's very spiky," Mark Sunner, chief technology officer at MessageLabs, told ZDNet UK.
"With Storm worm, there are clear spikes, then drops down to normal levels," Sunner said. "It's as though someone is turning on the tap briefly, then letting it abate."
Phishing attacks have become more sophisticated, according to MessageLabs. As online merchants and banks have shifted toward two-factor authentication, there has been a rise in sophisticated "man in the middle" phishing tools and Web sites, though such attacks are still quite rare.
Two-factor authentication often involves the user keying in pseudorandomly generated codes--for example, from a key fob--as well as entering a password. This is designed to foil attacks where information is harvested using keyloggers; the code can be used only once.
One particular form of man-in-the-middle attack tries to circumvent this by effectively hijacking a user session. Users are duped into visiting a spoofed portal, hosted on a compromised machine. Information entered, such a bank details and codes, is relayed through the compromised machine to the real bank site. Once the users have validated themselves on the real system through the compromised relay, hackers kill the user connection through the relay and take over the session.
Phishing e-mails are also becoming more personalized, according to Sunner, making such confidence tricks more believable. This includes phishers sending links to people for spoof sites of banks that the intended victims actually use, as opposed to randomly hitting a section of the population.
"We're continuing to see a real increase in the targeted nature of messages across the board. Phishing is becoming more personalized," Sunner said.
More phishing sites are now using Flash content rather than HTML in an attempt to evade antiphishing technology deployed in Web browsers.
Security vendor Sophos confirmed that it also saw more phishing than malicious-software activity in January. "More e-mail at the moment does appear to be phishy rather than containing malicious attachments," said Graham Cluley, senior technology consultant at Sophos. "The trend has been for the proportion of infected e-mail to drop for a while now."
However, Cluley warned that this indicated a shift in infection methods toward Web-based attacks rather than a shift from malicious software to phishing.
"More and more of the bad guys are moving towards Web-based attacks," he said. "That means that the e-mail itself may not contain a malware attachment but instead a Web link to a site or download that would then infect you with a Trojan horse.
"We shouldn't necessarily conclude that the malware problem is diminishing; it just may be changing its nature," Cluley added.
Sophos is seeing approximately 5,000 new malicious URLs every day hosting malicious software or drive-by downloads of unwanted content, Cluley said.
Tom Espiner of ZDNet UK reported from London.
See more CNET content tagged:
phishing,
MessageLabs Ltd.,
Graham Cluley,
Sophos Plc.,
malware
Where as with Phishing... they get your credit info, charge your account to the max and make millions off of it... and much of it goes unnoticed until after they've scammed at least thousands, ten-thousands or more!
Bottom Line: Phishing is a Lucrative business by easily fooling so many people with!!!
Walt