Aujas US

An IDG Ventures Company

New Trends in Phishing Attacks

Quick Introduction to Phishing

Trends in PhishingThe convenience of online commerce has been embraced by both consumers and criminals alike. Phishing involves stealing consumers’ personal identity data and financial account credentials. Social-engineering schemes use fake e-mails purporting to be from legitimate businesses to lead consumers to counterfeit websites designed to trick recipients into divulging financial data such as account and PIN numbers. Technical-subterfuge schemes plant crime-ware on PCs to steal credentials directly, often using systems to steal customers’ or organizations’ sensitive information.

Besides the obvious threats associated with phishing, other adverse effects include decreasing customer confidence in online commerce, and financial losses experienced by both businesses and consumers.

Although progress has been made in identifying threats and developing countermeasures, there has also been a simultaneous increase in attack diversity and technical sophistication in phishing and online financial fraud. Technical crime-ware resources are readily available and have been streamlined and automated, allowing for use by amateur criminals, making phishing economically viable for a larger population of less sophisticated criminals.

Latest Phishing Attacks

  • Tab Napping – Imagine you open the login page for your Intranet portal, but then you open a new tab to visit another website for a few minutes, leaving the first tab unattended. When you return to your Intranet Portal the login page looks exactly how you left it. What you haven’t realized is that a fake page has taken its place, so when you type in your authentication credentials, you have inadvertently given the fraudster easy access to your account.

 

  • Spear Phishing – This is a  rising phenomena that uses official-looking e-mails to lure people to fake websites and trick them into revealing personal information. However, unlike traditional phishing, spear phishers do not send thousands of emails randomly, but target select groups with something in common—they work at the same company, bank at the same financial institution, attend the same college, order merchandise from the same website, etc. The e-mails are ostensibly sent from organizations or individuals the potential victims would normally get e-mails from, making them even more believable.

 

  • URL Obfuscation – As users learn to detect fake emails and websites, phishers use techniques such as URL obfuscation to make phishing emails and sites appear more legitimate. This mechanism misleads the victims into believing that a link and/or web site displayed in their web browser or HTML-capable email client is that of a trusted site but are then redirected to a phishing site. For example, if the legitimate URL is http://www.login.example.com, the phishing URL may be http://www.login-example.com, thus tricking the customer into trusting the site by using an easily overlooked substitution.

 

  • Filter Evasion – This is an another e-mail phishing attack where attacker sends mail with picture images attached to malicious websites to retrieve personal details.

 

  • SMishing – Attacker uses SMS to launch phishing attack on cell phones to steal sensitive information. Scam message direct you to click on malicious banking websites or call a phone number. If you visit the link it downloads viruses into your system or if you dial the number will be asked for personal information.

 

  • Specialized Malware – Over the last couple of years, malware has been increasingly used for criminal activity against users of online banking and commerce sites. Specialized malware available today can easily be reconfigured to target information from a number of different websites. Malware also provides several mechanisms for stealing data that is then used for identity theft or stealing money from a victim’s account.

Conclusion

Though people today are more aware of phishing, countermeasures need to be designed in order to deal with the increasing technical sophistication of criminals conducting phishing scams exploiting human vulnerabilities.

Phishing awareness needs to grow to include law enforcement and employees of targeted businesses so that they are able to accurately recognize scams targeting them. It is also important to remain vigilant by developing and enforcing countermeasures, making the resources for phishing both scarce and expensive with increased policing and thereby making phishing less profitable.

The message is clear – the key to protecting oneself starts with continuous education and awareness.

The Aujas Phishing Diagnostic Assessment can help your company assess and remediate phishing risks. For more information about the Diagnostic, or other Aujas services, contact Karl Kispert, VP of Business Development at 201 633 4745 or karl.kispert@aujas.com.  

November 29, 2010 Posted by | Cyber Crime, Phishing, Social Engineering | , , | 5 Comments

Cyber Crime: The Ominous Writing on the Wall

Cyber-crimeWith the increased media scrutiny and attention that cyber crime attracts today, it is clearly evident that there has been an exponential increase in the sophistication, intensity and frequency of digital attacks. Technological advancements, changes in social behavior and the popularity of the Internet have permitted cyber criminals to make considerable financial gains, usually staying a couple of steps ahead of law enforcement agencies.

As the digital economy has evolved both in size and sophistication, so has the degree and intent of skilled cyber criminals and the nature of their attacks. Some of the more common technical forms of attack include: Virus, Malware & Spyware, Spam, Denial of Service, Phishing, and Password attacks.

While cyber crime encompasses a broad range of illegal activities, these can be categorized depending on the political, economic, socio-cultural and technical overtones of the attack.

Political Threats
A growing political concern among countries is the increasing use of cyberspace to carry out terrorist activities. Cyber terrorists not only intimidate governments and create panic but they also use the Internet to coordinate attacks and communicate threats. An example is Mujahideen Secrets, the jihadist themed encryption tool released ostensibly to aid Al- Qaeda and other cyber jihadists encrypt their online communications. Another example is the use of virtual world sites such as Second Life to conduct and participate in terrorist training camps. Additionally, political activism can be combined with hacking to target a country or group in order to achieve a political goal. Hacktivism, as this is called, is gradually gaining popularity as is illustrated by the attacks on the Estonian government following protests after the relocation of a Soviet World War II memorial. The attacks swamped websites of Estonian organizations, including the parliament, banks, ministries, newspapers and broadcasters.

Economic Threats
The relative anonymity of the Internet has led to a thriving online black market trading in an underground economy of stolen goods, identity theft and rogue businesses. These rogue businesses use the Internet to deal in illegal products or practices as exemplified by the Russian Business Network or RBN based in St. Petersburg. This is a notorious organization that provides hosting services for websites devoted to child pornography, phishing, spam, malware distribution and illegal pharmaceuticals. Identity theft is also becoming an increasing concern with sophisticated tactics such as vishing (Voice Phishing) used to obtain personal identities that are sold on the black market and used to commit credit card fraud and other illegal activities. Additionally, though corporations have always faced the threat of espionage, the opportunity to steal trade and corporate secrets has never been higher. With hackers, pressure groups, foreign intelligence services, organized crime groups and fraudsters willing to deal and trade with illegitimate or stolen material, illegal economic activity online will continue to accelerate and progress.

Socio-cultural Threats
Cyber crime also has far-reaching socio-cultural repercussions with social networking sites and virtual worlds increasingly used for tax free commerce, child porn distribution and other unsavory activities. This reality is catching up with Second Life, the much hyped virtual world that let users create avatars that can walk, chat, fly and buy and sell virtual stuff for real money. The social networking site is running into trouble with authorities over its gambling casinos, questionable virtual real-estate deals and alleged trade in pornographic photos of real children.

Technical Threats
As technology advances, cyber crime has to keep pace with modern and multifaceted changes. Technical cyber attacks include software piracy, botnets and threats against personal area networks in addition to the more popular spam, malware and computer virus threats. Software piracy is the copyright infringement of computer software, mainly for financial gain, such as websites that allow music to be downloaded for free. With the growing use of mobile devices such as Blackberry, PDA or laptops, attacks on Personal Area Networks (PAN) are leading businesses to encrypt or protect sensitive information.

While the threats of cyber crime are real and multifold, there is no single way to mitigate these combined risks. The simplest way to combat cyber crime would be to provide formal education as a little knowledge and precaution goes a long way in preventing cyber crime. Counter measures, such as password protection, firewalls and safe banking practices among others, can be followed depending on the threats and vulnerabilities.

November 4, 2010 Posted by | Cyber Crime, Risk management | , , , , , | Leave a comment