Phishers using Flash to evade filters

Powered by SC Magazine

Cutting-edge phishers are creating websites in Flash to evade detection by toolbars, security experts said this week.

Instead of using HTML, cybercrooks are building pages using graphic animation technology so they are not flagged by most anti-phishing tools, said Mikko Hypponen, chief research officer of F-Secure. His firm viewed two examples, both targeting PayPal, which have since been taken offline.

"It's no longer a HTML page with 20 different images," he told today. "It's just one file. It looks exactly the same. If you're not careful, you won't be able to tell the difference."

Users can be tipped off that they are viewing a Flash site if they right click on the page, which reveals some program options, Hypponen said.

"This [technique] seems pretty efficient until the URL becomes known [to blacklists], but in the meanwhile, it works," he said.

Avivah Litan, a Gartner analyst who specialises in phishing research, told that new schemes such as this one highlight the need for better protection than phishing filters can offer.

"The crooks are always one step ahead of our technology, and this is another proof of that," she said.

She said the burden falls on internet service providers, domain registrars and browser and email service providers to create and manage an identity layer on the web.

Researchers are hoping that planned high-assurance, extended validation SSL certificates will better assure a site's legitimacy, Litan said.

But Steven Myers, assistant professor of informatics at Indiana University, Bloomington, said phishing attacks have gotten so sophisticated, users should assume "phishers are going to control what shows up on your screen."

Litan said organisations will not get serious about internet security until a cyberattack to the degree of the events of 11th September 2001 occurs, whether that is a mass posting of private information or the widespread takedown of online financial institutions.

Click here to email reporter Dan Kaplan.

Top Stories
The iTnews Benchmark Awards
Meet the best of the best.
Telstra hands over copper, HFC in new $11bn NBN deal
Value of 2011 deal remains intact.
Photos: iTnews Benchmark 2015 finalists revealed
Awards alumni gather to celebrate.
Sign up to receive iTnews email bulletins
Latest Comments
Who do you trust most to protect your private data?

   |   View results
Your bank
Your insurance company
A technology company (Google, Facebook et al)
Your telco, ISP or utility
A retailer (Coles, Woolworths et al)
A Federal Government agency (ATO, Centrelink etc)
An Australian law enforcement agency (AFP, ASIO et al)
A State Government agency (Health dept, etc)

Do you support the abolition of the Office of the Information Commissioner?