Web Hosting News

  Home arrow Web Hosting News arrow Page 3 - Phishers Grow Clever, Focus on the Mon...
Web Hosting Articles  
Web Hosting FAQs  
Web Hosting How-Tos  
Web Hosting News  
Web Hosting Reviews  
Web Hosting Security  
Weekly Newsletter 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us 
Contact Us 
Site Map 
Privacy Policy 
  >>> SIGN UP!  
  Lost Password? 

Phishers Grow Clever, Focus on the Money
By: Terri Wells
  • Search For More Articles!
  • Disclaimer
  • Author Terms
  • Rating: 5 stars5 stars5 stars5 stars5 stars / 4

    Table of Contents:
  • Phishers Grow Clever, Focus on the Money
  • Upward Trend
  • Greater Sophistication
  • Projections for the Future

  • Rate this Article: Poor Best 
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article




    Phishers Grow Clever, Focus on the Money - Greater Sophistication

    (Page 3 of 4 )

    What's really disturbing, though, is that phishing really does seem to be turning into a business. Websense notes in its report that "True 'companies' have emerged, producing and selling toolkits and developing business partner programs that enable less-technical, 'traditional' criminals to use the web to steal data and make money - lots of it." It would sound like something out of a Monty Python sketch if it wasn't so horribly serious.

    In fact, the toolkits are big business. They range in price from $30 to $3,000 and even come with user manuals. They boast that they can defeat antivirus technologies and even prove it by publishing their testing statistics against the latest engines. The fancier toolkits let malicious hackers inject computer code into the victim's web browser; this code then steals information the victim enters into legitimate electronic forms. These toolkits are quite popular; a less expensive toolkit, available for $200 to $300, has been used by 7,500 web sites, according to Websense.

    Serious and business-like are certainly the right words to use when talking about phishing now. Websense reported a 60 percent drop in websites that make "benign" changes to visitors' computers, such as changing the browser settings, and a 100 percent increase in sites that make malicious changes. These changes include the installation of keyloggers, screen scrapers, and other forms of crimeware without a user's knowledge or consent.

    So just how widespread is the crimeware? Let's look at keyloggers. Normal, generic keyloggers simply log keystrokes; the kinds of keyloggers used by phishers, however, "have tracking components which attempt to monitor specific actions (and specific organizations, most importantly financial institutions and online retailers and ecommerce merchants) in order to target specific information..." according to the APWG. Websense found 212 unique keylogger variants in June -- nearly the same number as in May. However, there were nearly a third again as many unique websites hosting keyloggers in June as in May. Again, the U.S. leads the pack here, hosting more than 32 percent of the websites with crimeware.

    Perhaps the worst part is that many web servers are being subverted by hackers to host malicious computer code. This can happen totally without the knowledge of the web site owner or site visitors. Dan Hubbard, vice president of security research for Websense, notes that "You could be searching for your favorite recipe and go to a web site that has that information, but the site may have been compromised and you wouldn't even know it...Even the web site owners usually don't know."

    Phishing targets have also expanded. Phishers have apparently discovered that the "long tail of search" also applies to their field. "When phishing first started, there were a limited number of brands that were being targeted - the top five banks in the United States, for example," Hubbard explained. "Now they're going after little tiny credit unions in Omaha and Hawaii and San Diego." Websense saw three to six new attacks every day against companies that had never been targeted before.

    Websense even discovered some nasty uses of the phone in phishing attacks. In one case, end users were being lured into installing malicious code via text messages. Victims received a text message on their mobile phone, thanking them for subscribing to a fictitious dating service -- which would then charge them $2 per day automatically, to be billed to their cell phone until they canceled their subscription. Another attack sent a spoofed email, but referred the user to a phone number rather than a web site.

    More Web Hosting News Articles
    More By Terri Wells


    - FreedomPop Offering Open Wi-Fi Service
    - Go Daddy Goes to India
    - Netelligent, Savvis Add New Canadian Web Hos...
    - World IPv6 Launch Happens Today
    - IT Teams Struggle to Keep Pace with Malware
    - Lulz Security Hacks CIA, Takes Requests
    - Apple Unveils iCloud
    - Rackspace Introduces Cloud Load Balancers
    - Amazon Offers Cloud Drive, Disses Music Indu...
    - New Android.Pjapps Trojan
    - Copyright Fight over Hurt Locker Downloads I...
    - Data Reveals Many Browsers Remain Unpatched
    - PandaLabs Report - What Happens to Stolen In...
    - Safari Books Online Review
    - Hackers Targeting Human Rights Groups

    Developer Shed Affiliates


    © 2003-2019 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap