Phishers getting better all the time

The Register has a report on a new, dangerous type of phishing attack that has just emerged:

Fraudsters have developed phishing emails capable of automatically stealing bank log-in details without requiring users to click on a website link, email filtering firm MessageLabs warns.

Over the last two weeks, MessageLabs has monitored a small number of these dangerous new emails, which are capable of sidestepping the need for user intervention in phishing attacks. Users need only open maliciously constructed emails to be exposed to risk. These emails contain scripts that rewrite the host files of targeted machines. This means that next time a user attempts to access their online banking account they will be automatically redirected to a fraudulent website instead, enabling their log-in details to be stolen. So far, MessageLabs has only intercepted copies of emails targeting three Brazilian banks, but if the technique catches on it could have potentially serious consequences…


From the spam that we get at home, it is noticeable that the quality of phishing exploits is continuously improving – better grammar, fewer spelling mistakes and quite plausible mails requesting you to log on to (fake) bank websites. Although banks in Europe generally claim that successful phishing attacks have been stopped before money has been transferred to phishers’ accounts, it looks as if they urgently need to introduce more secure methods of online banking.

Update (2004-11-05)
More links on phishing and spam:
The Guardian, reporting the same story with a little more detail
Again, the Guardian reporting on spam – 82% of e-mail is now spam and a spammer in the USA has just been jailed for 9 years for sending some of that e-mail.

Update (2004-11-09)
Eudora adds “ScamWatch” – The popular e-mail client from Eudora has been enhanced to flag potential phisher-links in mails:

How ScamWatch works:
Locating the cursor over an embedded email hypertext link produces a URL check. If the link served in email is different from the landing page URL or is an IP address rather than a hostname, a yellow pop-up window points out the difference…
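
The two checks described above can be run over an HTML mail body at a gateway or in a triage script. The sketch below is an added example, not Eudora's code: it assumes "different from the landing page URL" means the visible link text names a different host than the href, compares statically without following redirects, and uses the hypothetical names `audit_links` and `LinkAuditor`.

```python
import ipaddress
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit
LOOKS_LIKE_URL = re.compile(r"^(?:https?://)?[A-Za-z0-9.-]+\.[A-Za-z]{2,}(?:[/:?]\S*)?$")

def host_of(url):  # visible text often omits the scheme, so supply one
    url = url.strip()
    try:
        return urlsplit(url if "://" in url else "http://" + url).hostname
    except ValueError:
        return None

def is_ip(host):
    try:
        return ipaddress.ip_address(host) is not None
    except ValueError:
        return False

class LinkAuditor(HTMLParser):  # illustrative check, not Eudora's implementation
    def __init__(self):
        super().__init__()
        self.findings, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag != "a" or self._href is None:
            return
        shown, target, reasons = "".join(self._text).strip(), host_of(self._href), []
        if target and is_ip(target):
            reasons.append("ip-address-host")  # link goes to a raw address
        if target and LOOKS_LIKE_URL.match(shown) and host_of(shown) != target:
            reasons.append("text-href-mismatch")  # text names another host
        if reasons:
            self.findings.append((shown, self._href, reasons))
        self._href = None

def audit_links(html_body):
    auditor = LinkAuditor()
    auditor.feed(html_body)
    return auditor.findings

# Constructed sample; hosts are reserved documentation values, not real banks.
SAMPLE = ('<p><a href="http://192.0.2.15/login">https://www.examplebank.test/login</a></p>'
          '<p><a href="https://www.examplebank.test/help">Help centre</a></p>'
          '<p><a href="http://login.example.net/">www.examplebank.test</a></p>')
```

Links whose visible text is plain wording ("Help centre") are only checked for an IP-address target, since there is no displayed host to compare against.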
