Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in your inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.

New and Sophisticated Phising attacks traced to Rock Phish

Phishing has now arrived in a novel form. phishing is now crafted to strike on international customers to make it look different than the earlier scams.

According to Wikipedia, the Rock Phish Kit is a device in popular use that enables people without technical expertise to plan and implement phishing attacks. But security experts disagree with this definition. They think that in reality Rock Phish, is an individual or a group of individuals who are responsible for as much as 50%of the phishing being perpetrated nowadays.

Rock Phish doesn't concentrate on the two most common targets of phishing, PayPal and eBay. Instead, It chooses to target European and U.S. financial institutions. In the last tally, the group had put to its use 44 brands from companies in nine countries, dispatching e-mail messages that attempt to dupe receivers into visiting fake Websites and giving personal information like passwords and credit card details. Rock Phish has duped Citibank, Barclays, E-Trade, Deutsche Bank and many others.

Security experts surmise that Rock Phish is operated by a tiny set of technically skilled criminals -- probably about a dozen hackers -- who create phishing Websites, take care of the domain name registration and make certain that the pilfered financial information is channeled into a central server, which researchers term "the Mother Ship."

Rock Phish utilizes a network of compromised computers to guide Web visitors to the Mother Ship. The hackers have been especially successful in taking advantage of the decentralized character of the Internet for their criminal enterprises. One trick that has really paid off has been to set up new phishing addresses in country domains with low usage. Researchers believe that law enforcement and phishing takedown groups may not have firmly-grounded contacts in such places.

In the interval between establishment of contact with the domain name registrars and getting them to note down the deceitful Web domains, Rock Phish can keep collecting information. Symantec's Ramzan says that the group is a trendsetter in phishing space. Any new technique that makes an appearance can be traced in its origins to the Rock Phish group."

Related article: New Zealand Releases Code To Reduce Spam

ยป SPAMfighter News - 20-12-2006

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page