Phishers Return to Old Fundamental Attack Tactics
As per an analysis of over 20 Billion Web-based threats by Network Box, a security firm, cyber-crooks have returned to the use of fundamental social engineering tactics that used to bring e-mails relating to Cialis, Viagra and others.
Security researchers said that in spite of a considerable rise in targeted spear phishing assaults, attacks aimed at a specific person or organization, most of the e-mails from cyber-criminals continue to use tactics that persuade the recipient to download a file online or go to a specific Website.
Moreover, Simon Heron, Internet Security Analyst, Network Box claimed that although there is no further development in the tactics, the strategy of the cyber criminals is becoming increasingly sophisticated, as reported by SCMagazine on October 21, 2008.
Security specialists stated that the purpose of the new attack methods is often to attract people to visit a Website where they could be persuaded to reveal their personal information like usernames or passwords. The methods are also used to install trojans onto a person's PC so that it could be added to a network of bots. Moreover, the techniques that the hackers employ today are notably smarter when compared to the earlier error-ridden, poorly spelled e-mails.
Simon further stated that file-sharing and social-networking sites are other targets for malicious code to be implanted. According to him, there is a growing tendency to be indifferent about contents downloaded from unfamiliar sources while surfing. Social media also makes the user an easy target.
Furthermore, there has been a huge increase in infected Websites, says Network Box, which claimed that majority of e-mails divert users onto infected sites by persuading them to download programs like flash updates, or quite ironically, new anti-virus solution.
Moreover, according to Simon, the hackers employ remarkably realistic copies of application updates or anti-virus software. They imitate pop-ups one would expect on his computer in the exact style, color and sequence.
In certain cases such as blogs that are not rigorously monitored, hackers could even link the user to a genuine site that they had already infected, Simon noted.
Related article: Phishers Expand Their Sphere of Attacks
» SPAMfighter News - 30-10-2008