Phishing Attacks, Growing in Sophistication
Security firm Message Labs in its report 'Global Malware', released this
August, concluded that phishers are about to employ more sophisticated
'social engineering' techniques. These techniques are intended to attack
consumers for stealing money and identity and business enterprises for
stealing intellectual property.
The research found that recent years are experiencing an ongoing
transformation from virus attacks towards phishing, targeted hacking and
online identity deception.
During the month of August spam activity increased only fractionally by
1.8 percent in relation to 64.5 percent of all outgoing e-mails. Also,
virus traffic continues to grow at about 1 percent. However, the most
significant outcome of the research shows that phishing attacks as a part
of all virus and Trojan activities form almost one-third of all threats,
which was only one-fifth of all threats only a month ago.
The report further warns that the relay of older crude phishing e-mails,
which consumers now know how to spot is coming to an end. The number of
phishing attacks worldwide increased to 460 from the previous month's 321.
While the number of virus outbreaks decline, number of phishing attacks is
rising because of concentration on targeted attacks.
There is a much greater degree of sophistication that cyber criminals
apply in their processes whereas the security firms continue to construct
end-user patches of the models that were made twenty years back. Online
criminals are evolving personalized approaches that imitate relationship
techniques between legitimate businesses and customer-management. This is
also called 'victim relationship management'.
According to Mark Sunner, chief technical officer at Message Labs the most
recent types of phishing attacks employs 'social engineering' methods by
intercepting private data from 'social networking sites' like 'My Space'.
Usually, it involves e-mail in the name of the receiver that comes from
his bank with the exact address and postcode. This type of attack is
steadily increasing since December last year.
Phishing threats need to be countered by a filtering solution. This should
be done at the Internet level even before phishing related spam enter
users' e-mail boxes. One way is to install Firewalls at the Internet
connection point to prevent such harmful entries.
Related article: Phishing With A Redirector Code
» SPAMfighter News - 11-09-2006