Big phishers to threaten big fish

Powered by SC Magazine
 

A seismic attack on business could be just around the corner, according to the Anti-Phishing Working Group. With active phishing sites more than doubling through October the group indicated that automated production and increased use by organised crime might threaten businesses in the future.

"There's a feeling that this is just a tremor," said Peter Cassidy, secretary general of the Anti-Phishing Working Group. "Organized crime is discovering that phishing is a way to make money and easily contain cost. What we could see in the future are very large and very painful attacks."

The group argued that with increased use in specific brands, successful phishers could eventually take money away from those businesses whose name they annex.

Over 1,000 active phishing sites in October were reported by the group and directly attributed this to the increased availability of automated tools, networks of compromised computers (bot networks) and skilled programmers. "There is a lot of great talent, particularly in Eastern Europe," Cassidy said.

Although the return on phishing varies, the apparent abundance of bot networks means that large scale attacks can hit millions of potential users, so even a low return is profitable. Since July the average monthly growth rate of phishing emails has been some 36 percent.

This month has seen an increased variation and sophistication in the nature of phishing attacks. Whereas some phishers are using fake job adverts as a technique, others are directly targeting those wanting to buy gifts over Christmas.

But Cassidy claimed all is not yet lost, and that greater sophistication doesn't necessarily mean more robust.

"As the sophistication of attack increases, the attacks generally become more brittle. I'm quite hopeful that business will deal with this new threat, as crime gets more sophisticated so does crime fighting," he said.

www.antiphishing.org

Copyright © SC Magazine, US edition


 
 
 
Top Stories
ATO shaves $4m off IT contractor panel
Reform cuts admin burden, introduces KPIs.
 
Turnbull introduces data retention legislation
Still no definition of metadata to be stored.
 
Crime Commission prepares core systems overhaul
Will replace 30 year-old national criminal database.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  27%
 
Sourcing and strategy
  13%
 
IT infrastructure (servers, storage, networking)
  21%
 
End user computing (desktops, mobiles, apps)
  14%
 
Software development
  25%
TOTAL VOTES: 437

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  54%
 
No
  46%
TOTAL VOTES: 210

Vote