Big phishers to threaten big fish

Powered by SC Magazine
 

A seismic attack on business could be just around the corner, according to the Anti-Phishing Working Group. With active phishing sites more than doubling through October the group indicated that automated production and increased use by organised crime might threaten businesses in the future.

"There's a feeling that this is just a tremor," said Peter Cassidy, secretary general of the Anti-Phishing Working Group. "Organized crime is discovering that phishing is a way to make money and easily contain cost. What we could see in the future are very large and very painful attacks."

The group argued that with increased use in specific brands, successful phishers could eventually take money away from those businesses whose name they annex.

Over 1,000 active phishing sites in October were reported by the group and directly attributed this to the increased availability of automated tools, networks of compromised computers (bot networks) and skilled programmers. "There is a lot of great talent, particularly in Eastern Europe," Cassidy said.

Although the return on phishing varies, the apparent abundance of bot networks means that large scale attacks can hit millions of potential users, so even a low return is profitable. Since July the average monthly growth rate of phishing emails has been some 36 percent.

This month has seen an increased variation and sophistication in the nature of phishing attacks. Whereas some phishers are using fake job adverts as a technique, others are directly targeting those wanting to buy gifts over Christmas.

But Cassidy claimed all is not yet lost, and that greater sophistication doesn't necessarily mean more robust.

"As the sophistication of attack increases, the attacks generally become more brittle. I'm quite hopeful that business will deal with this new threat, as crime gets more sophisticated so does crime fighting," he said.

www.antiphishing.org

Copyright © SC Magazine, US edition


 
 
 
Top Stories
How hard do you hack back?
[Blog post] Taking the offensive could have unintended consequences.
 
Five zero-cost ways to improve MySQL performance
How to easily boost MySQL throughput by up to 5x.
 
The big winners from Defence’s back-office IT refresh
Updated: The full list of subcontractors.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  69%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  12%
TOTAL VOTES: 1023

Vote