Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Home PCs launch phishing attacks

Home PCs launch phishing attacks

by Nikola Strahija on May 18th, 2005 The Honeynet Project recently released a study, which states that phishing attacks are growing more sophisticated as attackers devise ever more devious means to stay at least one step ahead of banks and others fighting the contain fraudulent scams.


As with a previous study on botnets, Honeynet findings come from monitoring a network of PCs deliberately left open to attack. What emerged from the study is the most detailed technical description of the modus-operandi of phishing attacks ever published. It also discovered that lax security practices by consumers and small business are giving fraudsters a base from which to launch attacks.

The researchers discovered that phishers compromised honeypot machines for four main purposes: to set up phishing websites targeting well-known online brands; sending junk mail advertising phishing websites; installing redirection services to deliver web traffic to existing phishing websites or for spam and phishing messages via botnets.

The research backs up the theory, advanced by groups like Spamhaus as well as police investigators, that the trade in compromised machines (botnets) to send out spam is linked to groups carrying out phishing attacks.

"Our research also suggests that phishing attacks are becoming more widespread and well organised. We have observed pre-built archives of phishing websites targeting major online brands being stored, ready for deployment at short notice, suggesting the work of organised phishing groups... Our research demonstrates a clear connection between spamming, botnets and phishing attacks, as well as the use of intermediaries to conceal financial transfers," the report concludes.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »