RSA identifies new phishing threat

Powered by SC Magazine
 

Security solutions provider RSA has issued a warning about a new phishing technique called Smart Redirection Attack.

Security solutions provider RSA has issued a warning about a new phishing technique called Smart Redirection Attack.

This type of attack is designed to ensure potential phishing victims always link to a live website. So far there have been two separate attacks detected on two different banks – one based in the UK and the other in Canada.

For a Smart Redirection Attack, the fraudster creates a number of similar phishing websites based at different locations.

All of the emails received by consumers contain links to web sites that direct the victim to an IP address that hosts the "smart redirector".

When the potential victim clicks on the link, the redirector checks all related phishing websites, identifies which sites are still live, and invisibly redirects the user to one of them.

Fraudsters are aware that once a user identifies the site as fraudulent, he or she will report the site's address. Then there's a good chance that someone will shut it down, RSA said.

If the fraudster has used a single address for an entire batch of emails, the entire mailing list directed to that site would be wasted. However, sending the redirector address (hidden from the consumer) assures that the victim will always reach a live site, the compan added.

Naftali Bennett, senior vice president at RSA warns users as anti-phishing vendors become more adept at shutting down phishing websites; attackers will look for ways to counteract solutions.

“These phishing emails look no different than any other. All the action takes place behind the scenes, so as always users need to remain vigilant.

"Technology also plays a big part in preventing sophisticated attacks like these. Security companies like RSA Security are constantly monitoring phishing attacks and the Internet as a whole.”


RSA identifies new phishing threat
 
 
 
Top Stories
AGL restructure sees CIO depart
Owen Coppage to leave after ten years.
 
Data: Advertising's best frenemy
STW Group's Tom Ceglarek faces a digital conundrum: he must feed his client's demand for performance insights while his industry is being undermined by data analysis.
 
Inside Telstra's multi-faceted cloud strategy
An overview of its own cloud and deals with Cisco, VMware, IBM and NextDC.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Do you support the Government's data retention scheme?

   |   View results
Yes
  11%
 
No
  89%
TOTAL VOTES: 2126

Vote