The Latest in Phish Hooks

New year offers some new twists on attackers' favorite scams

January 3, 2007

2 Min Read
NetworkComputing logo in a gray background | NetworkComputing

5:15 PM -- It's a new year, and we're all making resolutions. I've resolved to lose weight. My editors have resolved to teach me how to write. And phishers have resolved to make their scams harder to detect than ever.

The folks at security vendor F-Secure report that they are now seeing phishing scams that use flash content, rather than HTML, to deliver recreations of real Websites. The flash pages look like the genuine article, but because they aren't written in HTML, they also escape detection by tools designed to seek out HTML fakes.

There are a couple of examples of the flash-based phishing pages on the F-Secure site here. Note how the flash login page looks exactly the same as usual -- the only difference is that it routes you to a new page to "verify" (i.e., retype) your login data, where the thieves nab it. Pretty tricky.

Separately, the folks over at Castlecops.com, a security awareness site, are reporting a new "man-in-the-middle" attack that uses a real site as its launch point. An attacker sends users a fake email, telling them that some unauthorized activity on an account has been detected. The attacker then directs the user to log onto a real site, such as Amazon.com, but then requests additional information, such as date of birth, address, and Social Security number. Users might be logged into the genuine site, then lower their guard and give up personal information.

Castlecops spokespeople believe the new exploits may be the product of some "phishing kits" sold on the black market, which include logos and templates to fake the Web pages of popular banks or retail institutions.

The new exploits prove that 2007's phishing attacks will be more believable than ever. Even users who are wise to recent scams may fall for these new ones. However, some of them are detectable simply by checking an IP address, and others can be prevented through "captchas" that use a mixture of letters and numbers to differentiate automated systems from real users, Castlecops says.

The key is not to focus entirely on how the site looks, but to observe how it operates. If it asks you to put in additional information, beyond what you usually enter, be suspicious.

Maybe you'd better make that your new year's resolution. Anyway, it's easier to stick to than the South Beach diet.

— Tim Wilson, Site Editor, Dark Reading

Read more about:

2007
SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox
Sign-Up

You May Also Like

More Insights
Webinars
More Webinars
Reports
More Reports

Editor's Choice

Enterprises investing in new infrastructure to support AI will have to choose between InfiniBand and Ethernet
Enterprise Connectivity
The Impact of AI on The Ethernet Switch MarketThe Impact of AI on The Ethernet Switch Market
byPam Baker, Contributing Writer
Sep 16, 2024
5 Min Read
Blue and purple digital cloud connecting apps and services with campus NaaS.
NaaS
Campus NaaS: Remaking the Campus NetworkCampus NaaS: Remaking the Campus Network
bySalvatore Salamone, Managing Editor, Network Computing
Jul 31, 2024
4 Min Read
DPUs are extensively used to accelerate AI and ML workloads by offloading tasks such as neural network inference and training from CPUs and GPUs.
Network Infrastructure
Harnessing DPUs & How DPUs are Changing Data CentersHarnessing DPUs & How DPUs are Changing Data Centers
byBob Wallace, Featured Writer
Jul 30, 2024
10 Min Read
Webinars
More Webinars
White Papers
More White Papers
Reports
More Reports
Live Events
More Live Events