Home arrow Spam News arrow Scams & Fraud arrow Phishing without even clicking a link Tuesday, 09 February 2010  
 
Home Spam News Reviews FAQ Links Contact
 


Syndicate
 
Phishing without even clicking a link E-mail
Andrew Robinson   
Thursday, 04 November 2004

A phishing scam has been detected which doesn't even require users to click on a link in order to jeopardise their personal data while banking online. Simply opening the email may be enough.

Although MessageLabs who discovered this new technique, is saying the fairly crude scam is very low risk and not yet seen in Europe, it is a worrying development which users and banks should be aware of.

When the email is opened a script is run which rewrites the host files of targeted machines. The effect of this is the next time they attempt to access legitimate online banking, at one of the targeted banks, the new script, which has been lying in wait for such a moment, redirects the user to a fraudulent website which apes the site their were attempting to legitimately access.

Alex Shipp, senior antivirus technologist at MessageLabs, said: "This script silently modifies the users' machines and creates this vulnerability. The next time the user goes to bank online, that's when it will get them."

So far the company has only intercepted a relatively small number of these new phishing emails in South America where they are targeting three Brazilian banks, but as ever with malicious activity online any success will likely see the scams spread to new territories.

Shipp said this first iteration of such a covert phishing technique will only affect users who have Windows Scripting Host enabled and certain ActiveX controls and he believes the majority of users with up to date patches, or the most recent versions of Outlook, where such features are switched off as standard, will be protected.

But it is the general trend which is causing the most concern.

"Perhaps Brazil was targeted by this first, fairly basic email because the writers knew there were a large number of unpatched PCs there, but the worry is that this could become more advanced," said Shipp, warning that future iterations of such a scam may employ java script or similar means to create such a vulnerability on users' machines.

MessageLabs is currently detecting between 80 and 100 new phishing websites every day.

Source
Silicon.com

So although this is relatively low risk, this could be the shape of things to come.  This again reinforces the fact that phishers are becoming more 'intelligent' in their scams and are aiming for less interaction from the user to increase their possibility of capturing details.
< Prev   Next >
Related Items
 
   2004-2006, Spamfo.co.uk. Hosted by Ixis  
Text Link Ads script error: local_4326.xml is not writable. Please set write permissions on local_4326.xml.