FYI...Phishers Take Cues From Hackers
December 15, 2004
"Phishing scams again surged last month, an industry organization said Wednesday, as tech-savvy crooks increasingly took up the tools of the hacker trade to steal consumers' personal and financial identities. According to the monthly report from the Anti-Phishing Working Group (AWPG), a consortium of more than 1,000 firms, including a majority of the top U.S. banks and ISPs, November saw yet another increase in the number of phishing Web sites spotted. During November, the group detected 1,518 scam sites, a 29 percent increase over October, and another record for the year.
Worse news than the boost in scamming sites -- which are often "hit-and-run" Web sites that stay up only an average of 6 days -- is the AWPG's analysis of an increase in the use of malicious code by phishers to steal credit card and bank account access and information from users worldwide. "They're definitely starting to cross the boundaries of spyware, phishing, and general virus writing," he said. "Some phishers are using portable executable files
that actually run on the user's machine rather than just put a link in an e-mail. They're using viruses
on your machine, which get there a number of different ways, that are fairly sophisticated. They don't do anything until you go to a known banking or credit card or retailing site that's listed in the virus, and then they either replace the site with their own [fake] version or capture keystrokes and transmit them to the criminals
are often in place on PCs that have been compromised earlier by malicious computer worms and viruses. In some cases, the phishers are only using what's already available
. This trend, said Hubbard, builds on the one outlined last month by the AWPG, which then noted that many of the most virulent phishing attacks seemed to be coming from "bot networks," collections of previously-infected computers..."We've already seen indications that phishers are commanding automated distribution systems, apparently leveraging bot nets
, known as zombies," said David Jevans, the chairman of the AWPG, in a statement accompanying the November report. "Those resources, combined with conventional keylogging and other innovative malicious code, is a threat scenario that could deliver more sophisticated attacks," Jevans added..."