Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in your inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go

Soaring Phishing Attacks versus Perishing Defenses

Phishing attacks continue to touch heights both in quantity and quality, reports Internet monitor Netcraft. The company Toolbar in 2006 arrested more than 609,000 phishing URLs making a considerable leap from 41,000 in 2005.

The number of attacks increased slowly until the last quarter of 2006. During that year while the number of sites held rose, attackers simultaneously automated their tactics and expanded networks of spurious web pages. spammers then replicated these networks across botnets allowing a massive jump in data surrendering and confirmed phishing sites.

The URLs blocked in 2006 numbered between 1,000 and 20,000 every month pushing to 45,000 in October, 135,000 in November and beyond 277,000 in December same year.

More studies by the company have shown that Rockphish and R11, names of phishing kits have helped attackers launch phishing attacks by dozens targeting a series of banks straight to a hijacked website.

The phenomenon of phishing has taken a global dimension. South Korea, China and Romania continue to host a large volume of such sites. Countries of Eastern Europe have also worked as havens for phishing scams. Armenia is one such example, which has been ground for 3,267 phishing URLs with phishing attacks accounting more than three times that of the number of websites (about 947 numbers).

The attackers have been successful in keeping pace with the Net Zeitgeist. The second half of the year saw frequent phishing attacks through MySpace. Phishers sought social networking services such as MySpace, LiveJournal and Orkut to build networks of compromised PCs, the end products called 'botnets', to send out more spam.

Some methods used to fight phishing, however, have been found lacking in certain issues. One is related to two-factor authentication. In it an account holder generates a one-time password, which he must key-in along with passwords and usernames. A man-in-the-middle attack can spoil this two-factor authentication. The attacker can use a fake login page to snatch data for the dual authentication points and then obtain access to his victim's account.

Phishers are increasingly becoming familiar with technology. They have transferred from just HTML to malicious JavaScript code and recently to Flash.

Related article: Syrians being Increasingly Targeted with Banking Trojan

ยป SPAMfighter News - 19-01-2007

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next