Most phishing attacks of the past 12 months involved sending
e-mail that purports to come from a major company – usually a
financial services firm, e-tailer or other service provider.
Victims follow links in the e-mail to "re-confirm" their security
details – and these details are quickly exploited for profit.
With the new scam, unwitting surfers arrive at a site by
searching the internet for items they want to buy. The aim does
not appear to be to take the value of any attempted purchase;
instead, according to CyberGuard, clicking a product image
downloads a Trojan to the user's PC.
The Trojans can then redirect links to legitimate financial
institutions to fraudulent web sites, allowing the fraudsters to
harvest the user's credentials – and attempt to empty their
accounts.
"If it looks too good to be true," said Paul Henry, a senior
vice president with CyberGuard, "it probably is. Don't let the
Grinch steal your Christmas."
Taking down sites that are identified as fraudulent can be a
slow process. However, another security firm, Cyota, claims that
its FraudAction anti-phishing product has lowered the lifespan of a
typical phishing site to five hours, compared to the industry
average of 153 hours, or 6.4 days, reported by the Anti-Phishing
Working Group. According to Cyota, one bank using FraudAction has
cut its fraud losses by over 50% as a result.
Another firm has developed an internet browser that it claims
detects phishing attacks and warns users once an attack is
discovered. Deepnet Explorer says its product works by checking
sites against its own blacklists and analysing whether visited
sites conform to certain security standards.