Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


RSA: New Phishing Kit Can Create Phishing Websites in Seconds

AFCC (Anti-Fraud Command Center) of the security firm RSA has found a 'plug & play' phishing kit that can launch a full-fledged phishing website on a commandeered server in a matter of two seconds, after being double clicked upon. The kit comprises of one electronic file, which can be directly uploaded to a server by the fraudsters.

Traditionally, creating phishing websites consisted of installing several files one after another in the corresponding directories of the server commandeered by the phishers. This process is not time consuming in particular, but it needs the users to visit the compromised server many times and manually install the kit. As a result, it increases the possibility of detection, as per RSA, EMC Corp's unit.

Conversely, the latest kit discovered by the AFCC early during this June, automates the process of installation, behaving more like a '.exe' file. This lets the crooks to pay a single visit to the server, thereby simplifying & ensuring the success of a phishing scam as well as decreasing the probability of detection.

The software gets executed on the zombie or commandeered host once, then automatically creates important directories, and finally installs necessary files like HTML pages, images of cards and bank logo, etc.

RSA Security has warned in its Monthly Online Fraud Report that the latest development in cyber-fraud could also allow hackers to carry out automatic search for susceptible servers without actually intruding in to the server.

According to the report, "The possible combination of methods, comprising of tracing & compromising weak servers, with 'plug & play' phishing kits - will likely cause significant decrease in the workload that's involved in the creation and launch of new attacks."

Discovery of the professed 'plug & play' kit by RSA comes 6 months post its researchers discovered a baleful new 'universal man in the middle' toolkit scammers had launched to enable them for harvesting data entered by unwary users at legitimate websites.

Accounting for about 76.04% of overall 58,245 Trojans, phishing related viruses remained the most dangerous kind of viruses during the first six months of this year, as per a report from Kingsoft, an anti virus software firm in China.

Related article: RSA Attendees Responsible for Wireless Vulnerability

» SPAMfighter News - 7/20/2007

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page