Big phishers to threaten big fish

Powered by SC Magazine

A seismic attack on business could be just around the corner, according to the Anti-Phishing Working Group. With active phishing sites more than doubling through October the group indicated that automated production and increased use by organised crime might threaten businesses in the future.

"There's a feeling that this is just a tremor," said Peter Cassidy, secretary general of the Anti-Phishing Working Group. "Organized crime is discovering that phishing is a way to make money and easily contain cost. What we could see in the future are very large and very painful attacks."

The group argued that with increased use in specific brands, successful phishers could eventually take money away from those businesses whose name they annex.

Over 1,000 active phishing sites in October were reported by the group and directly attributed this to the increased availability of automated tools, networks of compromised computers (bot networks) and skilled programmers. "There is a lot of great talent, particularly in Eastern Europe," Cassidy said.

Although the return on phishing varies, the apparent abundance of bot networks means that large scale attacks can hit millions of potential users, so even a low return is profitable. Since July the average monthly growth rate of phishing emails has been some 36 percent.

This month has seen an increased variation and sophistication in the nature of phishing attacks. Whereas some phishers are using fake job adverts as a technique, others are directly targeting those wanting to buy gifts over Christmas.

But Cassidy claimed all is not yet lost, and that greater sophistication doesn't necessarily mean more robust.

"As the sophistication of attack increases, the attacks generally become more brittle. I'm quite hopeful that business will deal with this new threat, as crime gets more sophisticated so does crime fighting," he said.

Copyright © SC Magazine, US edition

Top Stories
Myer CIO named retailer's new chief executive
Richard Umbers to lead data-driven retail strategy.
Empty terminals and mountains of data
Qantas CIO Luc Hennekens says no-one is safe from digital disruption.
BoQ takes $10m hit on Salesforce CRM
Regulatory hurdles end cloud pilot.
Sign up to receive iTnews email bulletins
Latest Comments
Who do you trust most to protect your private data?

   |   View results
Your bank
Your insurance company
A technology company (Google, Facebook et al)
Your telco, ISP or utility
A retailer (Coles, Woolworths et al)
A Federal Government agency (ATO, Centrelink etc)
An Australian law enforcement agency (AFP, ASIO et al)
A State Government agency (Health dept, etc)

Do you support the abolition of the Office of the Information Commissioner?

   |   View results
I support shutting down the OAIC.
I DON'T support shutting the OAIC.