Major increase in phishing activity
Publish date: 28 March 2007
Issue Number: 1176
Diary: Legalbrief eLaw
Category: Cybercrime
A number of serious incidents of phishing thefts have occurred around the world over the past week, amid reports that this online crime is increasing dramatically.
E-Brief News reports that a new survey reveals that 10% of Internet users fell victim to online fraud in the UK last year. And for the first time, the proportion of phishing attacks has exceeded the number of threats from virus or Trojan attacks. Messagelabs Intelligence Report for January 2007 attributes the increase in phishing attacks to the fact that virus attacks have become more targeted and are no longer occurring as one large outbreak. Furthermore, online merchants have recently shifted toward deploying two-factor authentication methods, which have given rise to man in the middle phishing sites. Ferret.com reports that another aggravating factor is that a growing number of phishing sites are now using Flash content rather than HTML in an attempt to evade anti-phishing technology deployed in Web browsers. Get Safe Online, a British Government-backed Internet safety group, said almost 3.5m British people in total had been victims of fraud, many of them experienced Web users. Peoples Daily Online reports that despite the high incidence of fraud, the organisation warned that many people were still failing to take basic steps to protect themselves when using the Internet, and less than half of people felt they were wholly responsible for their own safety when online. According to the survey, just 9% of people take steps to protect Web site passwords.
Full Ferret.com report
Full Peoples Daily Online report
In SA, there have been a number of major incidents, with police saying too many people are falling prey to phishing scams. Port Elizabeth commercial crimes unit head Andre Horak said 30 cases of Internet fraud, totalling more than R800 000, had been opened since the beginning of February. He said this was more than half of the 59 active cases, totalling more than R3m, that his investigators were working on. The Herald has learnt that at least six people, all of whom are First National Bank clients, fell prey to Internet bank fraud over the past few days. Standard Bank has also issued a warning to its clients. The Star reports that the bank said its Internet security team had become aware of a growing number of phishing attempts aimed at obtaining clients\' personal banking information. Recipients are told to visit Web sites where they are asked to enter information such as passwords, credit card details or bank account numbers. The Web sites look genuine and, after fraudsters collect the information, the unsuspecting client is redirected to the real Web site. In Pretoria, police have warned of a scam, offering overseas job opportunities, which could lead to identity theft. According to a Pretoria News report, police spokesperson Captain Percy Morokane said the potential victim is contacted via e-mail and offered overseas employment with many tempting benefits. Personal details are then requested from the recipient of the e-mail such as banking details, scanned identity documents and copies of their academic qualifications. On receipt of these documents, a fake employment contract is sent to the victim. And, the personal information provided by the victim could be used for identity theft. Meanwhile, Symantec has listed SA 42nd in the world in terms of malicious activity and 34th for the number of phishing hosts in its latest Internet Security Threat Report. It has also warned the 2010 World Cup hosts to prepare for a deluge of threats during the actual tournament. IT-Online reports that the security firm hints that SA could be dramatically pushed up the rankings during the soccer extravaganza as it has noted a distinct increase in phishing activity during major holidays and major sporting events such as the World Cup.
Full report in The Herald
Full report in The Star
Full Pretoria News report
Full IT-Online report
In other developments, a Trojan that is reportedly feeding information from 10 000 stolen records to a Russian crime ring was specifically designed to circumvent financial institution\'s safeguards. InformationWeek notes that the malware writer designed the malicious code with components geared to bypass the multifactor authentication protections that financial institutions generally use. Calling it a \'novel approach,\' the spokesperson for SecureWorks, said they have notified the financial community to be on the look out for a continuing or similar attack. Analysts at SecureWorks said the Trojan, named Gozi, has been stealing personal information since 2006. The malicious code, which had gone undetected for about 50 days, has stolen records containing the personal information from roughly 5 200 people.
Full InformationWeek report