Gang of Spear Phishers Makes Effective Comeback
According to security researchers at iDefense, a prolific gang of phishers, notoriously famous for launching targeted and sophisticated e-mail assaults to enable them to steal money from the bank accounts of SMBs (small and medium businesses), seems to have returned after a 5-month pause.
During February 2007-January 2009, the security company traced 38 different phishing scams that the gang called 'Group A' had launched from Eastern Europe. iDefense says that it believes the gang was one of the two groups responsible for several phishing assaults that even hit the U.S Department of Justice, the Internal Revenue Service, the Better Business Bureau, ADP the payroll giant, and Suntrust.
Understandably, during the 2008 summer, Romanian and European authorities arrested many individuals belonging to a competitor BBB phishing group, which iDefense named 'Group B.'
Although the kind of tactics 'Group A' uses after victims are entrapped have increased in sophistication, the early entices employed to dupe people remains unchanged. The scammers during each of the attacks dispatch "spear phishing" e-mails (e-mails that address the victim by his name) and lure recipients into opening an attachment.
The attachment contains a Trojan, which captures usernames and passwords, and also hunts for victims' online bank accounts information. Subsequently, the attackers start withdrawing money from those users' accounts following a theft of their credentials.
The scammers' entice in the latest spear-phishing attack involves a warning to the recipient about a wire transmission from his account, and a short message requesting the recipient to examine an attached statement and then to inform the sender if the details are correct.
Meanwhile, iDefense has computed that no less that 880 people of which nearly all are employees of Fortune 500 and SMBs in the USA have been victimized in this most recent scam that started on June 4, 2009.
Elucidating on the 'Group A' gang, Mike LaPilla, Security Analyst at iDefense, said that the con guys were back with even greater force and a new Trojan that was completely different from the earlier ones, as reported by The Washington Post on June 10, 2009.
» SPAMfighter News - 20-06-2009