Rock Phish Attacks Defying Geographic Isolation
According to finance and banking specialist Geoff Noble with security service vendor RSA, cyber criminals cannot be defended merely with geographic isolation, as the notorious Europe-based Rock Phish gang has attacked at least twelve financial organizations in New Zealand and Australia.
The Australian-New Zealand (ANZ) region has seen a rise of 50% in security attacks over 2007. The warning follows the RSA AFCC (Anti-Fraud Command Center) found out a Rock Phish attack malware that infects end-users' computers with a Trojan.
Rock Phish provides a special kind of phishing toolkit that enables even the non-technical users to conveniently launch phishing attacks. phishing is the method of obtaining information like username, password and credit card particulars by faking as an executive from some bank/financial or similar establishment over e-mails. Rock Phish is now referred synonymously with the Europe-based online criminal gang believed to be responsible for nearly 50% of the total phishing attacks globally.
According to RSA's security researchers, the Rock Phish group works like any leading software company, recruiting programmers to create new methods for theft through the Internet. The group's latest attack is especially challenging as it tricks victims into loading a Trojan onto their PC when they access the Rock Phish scam's final web page.
Rather than aiming at home online bankers, the scam targets Blue Chip companies that continue to conduct client-side banking. While the average household Internet bank customer today is reasonably aware about scams, larger organizations are not so educated, and that's what Rock Phish is taking advantage of.
The scam delivers Blue Chip companies e-mail, alleging to be from a reputable bank and asks for downloading a certificate designed to verify the identity in browser. However, the scam further infects computers with the Zeus Trojan that lets the phishing gang to go on accumulating data that is transmitted back to the controlling server.
Moreover, to escape security researchers' clutches and reverse-engineering processes, the crimeware encrypts the communication with the main server. Furthermore, this information that includes the details of a consumer's banking is subsequently sold off on the parallel market to other online miscreants.
Related article: RSA Attendees Responsible for Wireless Vulnerability
» SPAMfighter News - 09-07-2008