Phishing: New threat Identified
- A new phishing scheme has been identified this month in the US. Some banking customers have in fact received e-mails purportedly from the National Automated Clearing House Association (NACHA), the Federal Reserve Bank, or the Federal Deposit Insurance Corporation (FDIC). These spams enable fraudsters to infect the work stations and retrieve the users’ banking identifiers.
- As with most phishing cases, the victims are lured into clicking on the links included in the unsolicited e-mail: they are redirected to different infected pages inadvertently triggering malware installation on their computer. The infected work stations are also enrolled in bots to provide the required machine for future attacks (type DDoS).
- Called “Gameover”, the programme steals identifiers and passwords, thus invalidating the authentication methods generally favoured by financial institutions. The recent variant of Zeus, like its predecessor, targets connection identifiers.
- Investigations are in process to try and take down this threat as well as to understand its aim. It may already be shown that stolen funds would be used by fraudsters to order precious stones and other high-end items from jewellery stores: goods to be picked up by “money mule”.
- These incidents again highlight the part played by money mules falling prey to organised networks (and often hired without even being aware of it). It also asserts the Internet users’ lack of clear-sightedness. These deficiencies are still used by fraudster to carry out their profitable crimes.
- Also, according to the APWG, the number of attacks has increased worldwide from nearly 50,000 cases in H1 2010 to more than 115,000 cases in H1 2011: this shows that fraud industry still feeds itself from Internet Users’ credulity (see December 2011 Insight).
- Finally, the same group also notes that most phishing websites are based in the US (46.42% in June 2011).