Rock Phish-Style, Responsible for Spike in Phishing Attacks
Some organized criminals on the Internet that are most prolific on the Web are beginning to increase their sophistication and frequency of phishing attacks aimed at commercial banks, jobsites and brokerage firms, Security Fix has found.
The technique that supports this latest modification in phishing attacks is called "Rock Phish". The technique is to try to avoid anti-phishing measures after phishers have launched their attacks. Both Internet Explorer 2 and Firefox browsers are featured to alert users when they attempt to visit a site that security experts have flagged as risky. Washingtonpost published this in news on May 24, 2007.
Rock Phish assaults are primarily responsible for the hike in total phishing attacks that security-monitoring companies have recorded. The Anti-Phishing Working Group, an industry associate said it recorded 55,000 phishing sites in April 2007, the highest ever reported. That was almost 20,000 more than the preceding record of October 2006. The APWG attributes the spike to the spread of Rock Phish-driven phishing attacks. Washingtonpost published this in news on May 24, 2007.
Other researchers such as those from MarkMonitor the company that prevents Internet fraud said the sharp rise was because phishers stuffed a single domain with numerous phishing site URLs. This tactic first appeared last autumn.
According to Laura Mather, senior scientist at MarkMonitor, there are many incidents of phishers compiling URLs in thousands on a single domain. This is an attempt to get past website blocking systems that IE7 and Firefox 2 have installed, Mather said. ZDNet published this on May 24, 2007.
Phishtank.com, an anti-phishing community estimated 77,700 new phishing sites in April 2007. Phishtank writes in its blog that nearly 90% of the Rock Phish has recently generated phishing site assaults.
Also according to Te Smith, vice president of communications at MarkMonitor, over the last two months the organization has discovered a cent percent raise in Rock Phish technique attacks. These mostly targeted commercial banks that transfer huge amounts of money. Such customers transfer more sums while red flags are not as fast as the transfer, Smith said. Washingtonpost published this on May 24, 2007.
Related article: RSA Attendees Responsible for Wireless Vulnerability
» SPAMfighter News - 02-06-2007