Phishing Attacks on Government Websites Aimed to Steal Money
In its recently released report, security software providing company, Symantec, reveals how the larger chunk of phishing attacks that aimed at government Websites during February 2008 increasingly attempted to whisk away money by making false promises for tax refunds, as reported by WHIR News on March 31, 2008.
In the company's February 2008 edition of "The State of Phishing", anti-fraud team at Symantec Security Response found that 84% of fraudulent activities were aimed at the financial sector especially, banking and e-commerce sites. The information services sector was the next biggest target suffering 13% of fraud activity.
According to Symantec, the one difference, however, was that the captured information from the sector for information services was used for spamming activity instead of stealing money.
Besides, around 1% of the attacks were designed to collect information from various sectors like retail trade, aviation, communications, and ISPs.
Symantec further says that the phishing strategies prominently used the free services of Web hosting and over 108 Web hosting facilities were employed to host fraudulent phishing pages that targeted over 147 brands. Also, a good number 293 domain names were used to spoof names of 50 brands to launch typo-squatting attacks.
Besides, phishing attacks are currently observed as more subtle, localized and target-selective. Symantec also noted that phishers are found to continuously use Internet Protocol addresses in the host names rather than in domain names.
The report also revealed that a total of 1,803 attacks used Internet Protocol addresses rather than domain names for the URL specifications. This way the counterfeit domain name could be hidden and not easily detected. Also, since many banks' Website URLs show IP addresses, it becomes hard for users to recognize a genuine IP address from a false one.
Phishing sites designed to conduct the attacks originated from 62 countries. Among the phishing sites not in English, the Italian-language sites were identified as the most in number with those in French and German following. The domains most frequently used were serially .com, .net and .org.
But, the domains most frequently used with respect to country code were serially the Russian, French and German extensions.
Related article: Phishing With A Redirector Code
» SPAMfighter News - 08-04-2008