Phishing Scams Soared in October
The number of phishing Web sites set up to impersonate banks and steal people's financial and personal data skyrocketed in October to 37,444, the highest on record, according to stats released this week.
The Anti-Phishing Working Group reports that 52 percent more phishing sites were recorded on the Internet than a month earlier and nine times as many as were spotted in October 2005. The steep increase coincides with a massive spike in the volume of spam circulating on the Internet. According to e-mail security firm Postini, 90 percent of all e-mail these days is spam.
Experts say much of the spike in phishing sites is due to the increasing popularity of a fraud method known as "Rockphish," which can deflect the most common security responses to phishing scams. Security experts and anti-phishing groups often put pressure on domain name registrars to cancel fraudulent domains or lobby Internet service providers to take down the phishing Web sites altogether.
But in Rockphish attacks, multiple phishing scams targeting different banks are placed on the same Web server. Each individual scam page is assigned to an Internet subdomain that for a short time is tied to an Internet address of a compromised computer that the phishers control. When a would-be victim clicks on a link in a Rockphish scam, they are routed through the drone PC to the correct scam page, depending on a special code specified in the e-mailed link.
The result is that even if law enforcement or security experts manage to take down the infected PC responsible for relaying traffic to one of the scam sites, the effect of that take-down is usually only temporary as the attackers can simply substitute another bot-infected machine. In other words, "Rockphishing" makes it more difficult for security experts to find the true location of phishing servers.
To get a sense of how aggressive these Rockphish attacks can be, consider this: One avid phish-fighter I interviewed last week who asked to remain anonymouse told me of his recent battle with a single Rockphish attack that generated some 2,000 unique phishing Web addresses in just two days.
Rockphish attacks appear to be a response to the proliferation of browser-based anti-phishing toolbars and technologies. By repeatedly and quickly changing the Internet addresses of phishing sites, the phishers are clearly trying to put a serious strain on the blacklisting approach used by most anti-phishing tools.
December 12, 2006; 10:50 AM ET
Categories: Fraud , From the Bunker , Latest Warnings , Safety Tips
Save & Share: Previous: Finding the Free Version of AVG 7.5 Anti-Virus
Next: Microsoft's Monthly Patch Release Plugs 11 Security Holes
Posted by: DBH | December 12, 2006 11:07 AM | Report abuse
Posted by: Nick Owen | December 12, 2006 12:27 PM | Report abuse
Posted by: darkstone2006 | December 12, 2006 11:55 PM | Report abuse
Posted by: FAKE YOU | January 3, 2007 12:54 PM | Report abuse
Posted by: Apple User | January 4, 2007 10:26 AM | Report abuse
The comments to this entry are closed.