RSA identifies new phishing threat

Security solutions provider RSA has issued a warning about a new phishing technique called Smart Redirection Attack.

This type of attack is designed to ensure potential phishing victims always link to a live website. So far there have been two separate attacks detected on two different banks – one based in the UK and the other in Canada.

For a Smart Redirection Attack, the fraudster creates a number of similar phishing websites based at different locations.

All of the emails received by consumers contain links to web sites that direct the victim to an IP address that hosts the "smart redirector".

When the potential victim clicks on the link, the redirector checks all related phishing websites, identifies which sites are still live, and invisibly redirects the user to one of them.

Fraudsters are aware that once a user identifies the site as fraudulent, he or she will report the site's address. Then there's a good chance that someone will shut it down, RSA said.

If the fraudster has used a single address for an entire batch of emails, the entire mailing list directed to that site would be wasted. However, sending the redirector address (hidden from the consumer) assures that the victim will always reach a live site, the compan added.

Naftali Bennett, senior vice president at RSA warns users as anti-phishing vendors become more adept at shutting down phishing websites; attackers will look for ways to counteract solutions.

“These phishing emails look no different than any other. All the action takes place behind the scenes, so as always users need to remain vigilant.

"Technology also plays a big part in preventing sophisticated attacks like these. Security companies like RSA Security are constantly monitoring phishing attacks and the Internet as a whole.”