Phishers Become More Sophisticated - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
News
News
12/30/2005
02:02 PM
50%
50%

Phishers Become More Sophisticated

Open redirects were one of the favorite tactics of phishers in 2005, said Web-tracking and anti-phishing company Netcraft, and they're a good example of fraudsters' increasing proficiency.

Fraudsters stayed a step ahead of gullible Internet users in 2005 by fine-tuning their tactics and turning to more sophisticated strategies, a U.K.-based Web monitoring firm said Friday.

Open redirects were one of favorite tactics of phishers in 2005, said Web tracking and anti-phishing company Netcraft, and a good example of fraudsters' increasing proficiency.

Redirects, essentially scripts on the Web server, are used by legitimate domains to redirect users to other parts of a large site from, for instance, the home page. Phishers can sometimes exploit these scripts to send users to a fraudulent site when users click on a link in a real site. The user may not even notice that he's been redirected to a phishing site rather than, say, a legitimate log-in page.

Netcraft pointed to several examples of redirection attacks in 2005, including one that used an incorrectly configured government site to fool users into giving up Social Security and credit card numbers. Users were enticed to the real site by e-mail that promised them a tax refund by the IRS.

Other phishing trends Netcraft spotted during 2005 included the appearance of pharming attacks and fraudulent e-mails that included HTML-based forms, a tactic that eliminated the need to craft elaborate Web sites to trick users.

Also in 2005, phishing attacks -- which are spawned by massive amounts of spam -- began using the spammer technique of replacing text with image-based e-mails to avoid detection by keyword-sniffing spam and phishing filters.

"Phishing attacks are continually evolving, as fraudsters develop new strategies and quickly refine them in an effort to stay a step ahead of banking customers and the security community," said a Netcraft spokesman in a statement.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
The State of Cloud Computing - Fall 2020
The State of Cloud Computing - Fall 2020
Download this report to compare how cloud usage and spending patterns have changed in 2020, and how respondents think they'll evolve over the next two years.
Slideshows
11 Things IT Professionals Wish They Knew Earlier in Their Careers
Lisa Morgan, Freelance Writer,  4/6/2021
News
Time to Shift Your Job Search Out of Neutral
Jessica Davis, Senior Editor, Enterprise Apps,  3/31/2021
Commentary
Does Identity Hinder Hybrid-Cloud and Multi-Cloud Adoption?
Joao-Pierre S. Ruth, Senior Writer,  4/1/2021
Register for InformationWeek Newsletters
Video
Current Issue
Successful Strategies for Digital Transformation
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll