Phishers casting ever wider nets

By

114,013 new sites found last week, most using commercially available toolkits.

Phishers casting ever wider nets
IBM's X-Force security team is warning of a sharp rise in the number of phishing sites.

The team claims to have found 114,013 new sites in the seven days to 18 June, and said that the bulk of the attacks were focused on one particular bank.

"I am not sure if that is a record for a single week, but it certainly blows away any monthly totals in publications from the Anti-Phishing Working Group," said Gunter Ollmann, director of security strategy at IBM Internet Security Systems.

"On examining which organisations were being targeted in last week's phishing scams, one bank stands out by a long shot. Regions was targeted in 85 per cent of all the automated phishing kit deployments observed by X-Force last week."

Regions has US$140bn in assets under management and has branches across the American south and midwest.

The IBM team also found more evidence of the popularity of phishing toolkits. Over 99 per cent of all phishing sites were constructed using a commercially available toolkit which automatically generates reproductions of popular banking sites.

X-Force also believes that the phishing sites are the work of relatively few people. All the sites were being run from just 111 domains, over half of which were hosted in China, Taiwan and Hong Kong.
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:

Most Read Articles

CBA using facial recognition logins to verify disputed payments

CBA using facial recognition logins to verify disputed payments

Qantas contacted by "potential cyber criminal"

Qantas contacted by "potential cyber criminal"

SA Power Networks tackles IAM, cloud security under five-year strategy

SA Power Networks tackles IAM, cloud security under five-year strategy

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Log In

  |  Forgot your password?