Phishers using Flash to evade filters

Powered by SC Magazine
 

Cutting-edge phishers are creating websites in Flash to evade detection by toolbars, security experts said this week.

Instead of using HTML, cybercrooks are building pages using graphic animation technology so they are not flagged by most anti-phishing tools, said Mikko Hypponen, chief research officer of F-Secure. His firm viewed two examples, both targeting PayPal, which have since been taken offline.

"It's no longer a HTML page with 20 different images," he told SCMagazine.com today. "It's just one file. It looks exactly the same. If you're not careful, you won't be able to tell the difference."

Users can be tipped off that they are viewing a Flash site if they right click on the page, which reveals some program options, Hypponen said.

"This [technique] seems pretty efficient until the URL becomes known [to blacklists], but in the meanwhile, it works," he said.

Avivah Litan, a Gartner analyst who specialises in phishing research, told SCMagazine.com that new schemes such as this one highlight the need for better protection than phishing filters can offer.

"The crooks are always one step ahead of our technology, and this is another proof of that," she said.

She said the burden falls on internet service providers, domain registrars and browser and email service providers to create and manage an identity layer on the web.

Researchers are hoping that planned high-assurance, extended validation SSL certificates will better assure a site's legitimacy, Litan said.

But Steven Myers, assistant professor of informatics at Indiana University, Bloomington, said phishing attacks have gotten so sophisticated, users should assume "phishers are going to control what shows up on your screen."

Litan said organisations will not get serious about internet security until a cyberattack to the degree of the events of 11th September 2001 occurs, whether that is a mass posting of private information or the widespread takedown of online financial institutions.

Click here to email reporter Dan Kaplan.


 
 
 
Top Stories
NSW Govt gets ready to throw out the floppy disks
[Opinion] Dominic Perrottet says its time for government to catch up.
 
iiNet facing new copyright battle with Hollywood
Fighting to protect customer details.
 
The CISO’s dilemma: Do you trust your partner’s partner?
[Blog post] How far down the chain do you check?
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  25%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  22%
 
End user computing (desktops, mobiles, apps)
  15%
 
Software development
  26%
TOTAL VOTES: 316

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  57%
 
No
  43%
TOTAL VOTES: 121

Vote