Surge in variants and sham sites...
Published: 5 May 2005 09:35 GMT
Phishers are increasingly using new methods to nab sensitive information from internet users, according to data from Websense Security Labs.
In recent months, the researchers at security software company Websense have detected a rise in schemes involving malicious programs known as keyloggers, according to the Anti-Phishing Working Group's March phishing trends report.
The technology, which records the keystrokes of people using infected machines, could be designed to help phishers stay one step ahead of honest folk. In the past, attackers have relied mainly on email messages that lure victims to malicious websites, where they are duped into disclosing logins and usernames for banking sites and other sensitive online accounts. The messages are typically spoofed to look like they come from the bank or another trusted provider.
The keylogger programs are built specifically to capture login names and passwords for online bank accounts and to send them to the attackers, Websense Security Labs said. They typically exploit vulnerabilities in Microsoft's Internet Explorer browser program.
Each week in March and February, Websense uncovered as many as 10 new keylogger variants and more than 100 new websites set up to infect computers with them. That's up from November and December, when the company's researchers identified an average of one-to-two new variants and 10 to 15 websites per week.
People can infect their machines with keylogger programs in numerous ways, including opening bogus email attachments, downloading programs online or simply visiting a fraudulent website.
Keylogger attacks are a particular problem in Brazil, where two recent schemes targeted more than 100,000 .br email accounts, the report found. However, the machine that hosted the malicious code in one of the attacks was located in California.
Phishers have previously turned to instant messaging, faked news feeds and have preyed on people that mistype the web addresses of popular online destinations, such as Google.
The United States is host to more phishing sites than any other country, followed by China and Korea, according to the APWG report. In March alone, people reported more than 13,000 phishing-scheme emails to the group.
Alorie Gilbert writes for CNET News.com
Would be expected to assist other designers as required and keep abreast of developments in IT, particularly design programs. Local company seeking a ...
Our production is mainly sourced in Peru and in the UK and from our inception we have established community programs to give jobs to people in ...
The role will revolve around the maintenance of the current website and development of new websites, marketing the company websites through SEO and ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Jon Collins Is losing a mobile device really such a big deal? How to minimise the damage to your business
Tim Ferguson Exclusive: Former MySQL boss Marten Mickos talks open source Why Microsoft could become one of the "biggest friends of open source" and why Oracle getting its hands on MySQL could be "one of the biggest open source coups ever"...