Symantec - Phishing Attacks against Reputed Indian Companies on the Rise

According to the software security company Symantec, Indian brands are increasingly becoming targets of phishers who try to grab people's private and confidential information for executing money laundering frauds.

Shantanu Ghosh, Vice-President of Product Operations, Symantec India, said that phishing was an escalating threat within the cyber crime scenario of India. He added that as web-traffic for Indian brands' websites increased, it was evident that phishers too increasingly exploited the sites' popularity to launch malicious phishing attacks, as reported by The Economic Times on September 24, 2009.

Explaining the phishing means, security specialists said - it's an effort to ask for secret details from a person, organization or group via the act of spoofing or imitating a specific reputable company for the purpose of acquiring monetary benefits.

These kinds of attacks, according to Mr. Ghosh, have been increasing for the past few months, with a four-fold rise during the 1st two weeks of August 2009 when the jump was 2% from 0.05% of the total phishing assaults against Indian brands.

Additionally, Symantec also classified different phishing attacks such as Flash phishing in which the scammer, while imitating a well-known organization's advertisement, redirects an end-user to a fraudulent or phishing website, and Dynamic phishing in which an end-user is tricked into clicking on a harmful web-link.

Furthermore, Symantec has computed that during 2007-08, online criminals in India launched more than 1,000 distinct phishing attacks targeting reputed banks, suggesting that phishers are becoming more organized and sophisticated.

As per the security analysts, the ongoing situation of economic slump with its associated unemployment surge has worsened things. Attackers are apparently taking advantage of trends like the economic downturn or job hunters seeking work by employing attack codes for infecting their victim's PCs. What's more, there appears to be an increasing tendency of the problem.

Hence, security specialists advised people to remain alert. If anyone got a request e-mail soliciting online banking credentials such as password, account number, PIN, CVV, debit/credit card number etc., he shouldn't reply, rather he must delete it. In case he opened it inadvertently, he shouldn't open/click any attachment/link given therein, the specialists cautioned.

Related article: Sentence for American Contractor for Sabotaging Government Navy Computers

» SPAMfighter News - 10/15/2009