Hackers launch DIY phishing kit

By

Hackers have launched a website which allows users to construct phishing pages for social networking and webmail sites..

Hackers launch DIY phishing kit
The site was found by researchers at security firm FaceTime, and targets networking sites such as MySpace, Facebook and Google's Orkut, and webmail services including Hotmail and Yahoo Mail.

The page allows would-be hackers to build a special email which can be sent to one or more victims.

The user selects an email template and a site to target, then designs an email greeting card which is sent to the victim. The e-card leads to a phishing site impersonating the domain.

Any log-in credentials stolen by the site are then forwarded to a page which can be accessed by the user.

"It tells you numerous pieces of information, including the number, date and type of account compromised, so the budding hacker can keep a running total of their exploits," wrote FaceTime malware research director Chris Boyd in a company blog.

The researchers contacted the company hosting the site, which was initially taken down. However, a FaceTime spokesperson said that the site was back online at 1:30pm Pacific time on 28 January.

Boyd advised users to be wary of any apparent social networking or webmail site linked from an email greeting card.

"If in doubt, right-click the live link in the email and check what domain it points to," he wrote. "Otherwise, you might end up on a hacker's rapidly growing trophy list."
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Log In

  |  Forgot your password?