Phishing attacks now more creative

Crimes such as phishing have become more complex and sophisticated as an increasing number of attackers want to steal money from internet users, security experts have warned.

According to security company Websense, phishing attacks using 'toolkits' - tools that can help people potentially defraud innocent surfers - continue to rise dramatically.

Of the sites designed to steal financial information, almost 15 per cent are derived from toolkits, which are available on the net and allow unsophisticated users to launch sophisticated attacks against operating system exploits and vulnerabilities, Websense revealed.

"One such example is the 'Rock Phish Kit', which appeared in November 2005, but the frequency of its use is growing," states the report.

The DIY kits give all the essential tools for launching phishing attacks, which use spoofed emails and fraudulent websites to trick people into giving out personal financial data.

From January until now, 35 per cent of all malicious websites were hosted on web servers that had been previously compromised.

According to Websense report, there is a 100 per cent increase in sites designed to install keyloggers, screen scrapers and other forms of crimeware.

The report also revealed that an increasing number of phishing attacks target non-financial organisations such as Myspace, Google and Yahoo.

Websense

More news via RSS Post item to Del.icio.us Post item to Digg.com