February 10, 2008   Sign In |  About ebizQ |  Contact Us |  Join ebizQ Gold Club
Peter Schooff
Peter Twenty-Four Seven Security
 Peter Schooff's blog is a daily look at what's going on in the world of computer security with an emphasis on how it affects businesses.

« Microsoft Patch Tuesday Update | Main | Hacker -- A Holiday Tale »

December 13, 2006
Botnets Now Used in Massive Phish-net

I hate to report how the bad guys are improving their methodology without immediately offering a remedy from the good guys, but this seems to be one of those cases. As always in dealing with phishing, never, ever reply to unsolicited email from even the most seemingly legitimate source. If you feel you might be having account troubles at your bank, with eBay, with Paypal, or whatever the site, simply log onto those sites directly.

In a report quoted on Brian Krebs’ Security Fix, the Anti-Phishing Working Group found that 52 percent more phishing sites were discovered this past October (bringing the total to 37,444). As if I even needed to tell you, that is the highest on record, and is 52 percent higher than September of this year, and 9 times the amount recorded from October a year ago.

Experts peg this near-exponential growth on a new phishing method called “Rockphish.” Just like botnets were started to circumvent spam blacklists (as blacklists stopped spam by denying its point of origin, but how do you deny thousands of different points of origin that are changing all the time), the tools to fight phishing are based on authenticating official webpages and shutting down those deemed illegitimate.

But as Krebs states, “In Rockphish attacks, multiple phishing scams targeting different banks are placed on the same Web server. Each individual scam page is assigned to an Internet subdomain that for a short time is tied to an Internet address of a compromised computer that the phishers control. When a would-be victim clicks on a link in a Rockphish scam, they are routed through the drone PC to the correct scam page.”

One phish-fighter stated that a single Rockphish attack generated 2,000 unique phishing Web addresses in two days. This allows them to rapidly change addresses of phishing sites, and represents a serious blow to the efficacy of the current phish-fighting tools.

Tags: Phishing, Rockphish


Tags:

Posted by pschooff in Phishing |Digg This|Add to del.icio.us

Trackback Pings

TrackBack URL for this entry:
http://www.ebizq.net/mt/mt-tb.cgi/1086

Comments Post a comment




Remember Me?

(you may use HTML tags for style)

We ask that you type your code (displayed below) in the text box.This code is an image that cannot be read by a machine. It prevents automated programs from submitting comments.


Code:



Most Recent ebizQ Blog Entries
ADVERTISEMENT
Subscribe
News Feed
Recent Posts
Categories
Archives
Blog Roll
Blogosphere
This Work
Accountability:The opinions expressed in this blog are solely representative of the blog's author, and not of ebizQ
Subscribe to our Newsletters
ebizQ Weekly Gold Club Update
Live Webinar Updates
Updates from ebizQ Partners
ebizQ SOA Update
ebizQ BPM Update
ebizQ Security Update
ebizQ BI Update
ebizQ Open Source Software Update
Virtual Show Newsletter
Your E-mail Address:
BAM: The Killer App for CEP
Date: Feb 12, 2008
Time: 12:00 PM ET
(17:00 GMT)
I WANT TO ATTEND
Event Processing Market Pulse
Date: Feb 14, 2008
Time: 12:00 PM ET
(17:00 GMT)
I WANT TO ATTEND
Archived Webinars | Upcoming Webinars

Marketing Solutions | Feedback | About ebizQ | Unsubscribe | Privacy Policy | Site Map