Old Phishing Websites Still in Spam Race

A latest research by the researchers at University of Cambridge says that several phishing websites which have already been uncovered are still active and circulating huge volume of spam, trapping new victims.

This is really surprising in view of the collective efforts of ISPs, volunteer organizations, security vendors as well as various other groups that helped in the development of a faster and efficient method for turning down the malicious sites, generally within few hours of their emergence.

According to the University, 75% phishing sites alive still after one week of being exposed are sending out fresh phishing mails. Also, around 60% phishing sites, yet active after one month of their exposure, continues receiving spam ads.

Security experts noted that phishers are employing the new technique to trap their victims that is they are no longer creating new phishing sites rather they are capitalizing on the flaws in the already existing sites, using them for mutilating the websites and launching several other sorts of malicious attacks.

In this new technique, phishers don't need to do much as they are not creating anything new but are just altering the existing ones. It's a perfect trick as the site appears legitimate, displaying correct URL.

Phishing attacks lead to huge financial losses. According to a rough estimation, phishing websites that live for a longer period of time account for an annual loss of $330 Million, stated researchers at the University of Cambridge. They also added that the latest findings about persistent phishing campaigns make this estimate much stronger.

Thus, banks and other financial institutes should completely remove these websites. Even in case such sites stay online for a little time span, continuous efforts should be made to remove them as it will help to limit the potential damage by these websites.

Additionally, users are recommended to remain cautious of phishing websites. They should verify the legitimacy of the sites they are visiting; though, it's not an easy task. Therefore, it's better not to click-open any unknown link and any suspicious matter should immediately be brought to the notice of concerned authorities or people.

Related article: Old Widow Fall Victim to E-fraud with Lure of $30 Million Inheritance

» SPAMfighter News - 5/4/2009