Huge botnet swamps UK firms with 8 million phishing emails

Security experts today warned that a single botnet is being used to bombard UK firms with millions of phishing emails.

According to BlackSpider Technologies, the huge botnet of zombie computers controls more than 20,000 distinct IP addresses. It began sending out the phishing emails on Sunday, and over 24 hours the security firm estimates it sent out more than 8.1 million emails.

The subject lines of the emails invariably refer to either NatWest or Bank of Scotland. Examples include:

• 0fficial Information To Client Of NatWest bank Mon, 31 Jul 2006 16:58:33 -0800
• Bank of Scotland: Urgent Security Notification For All Clients Mon, 31 Jul 2006 23:49:13 -0100
• NatWest bank: Important Fraud AIert
• Verify Your Data With NatWest bank
• NatWest bank: urgent security notification [Tue, 01 Aug 2006 03:57:17 +0300]
• Verify Your DetaiIs With NatWest bank Mon, 31 Jul 2006 16:59:35 -0800
• PROTECT YOUR NatWest bank ACCOUNT Mon, 31 Jul 2006 16:56:07 -0800
• NatWest bank: URGENT SECURITY NOTIFICATION FOR CLIENT

The phishing emails contain an inline image and if recipients click on the image, they are directed to a website where they are instructed to input their personal information. Once entered, the information can then be used by the cyber criminals behind the attack to siphon cash from victims’ bank accounts.

James Kay, CTO, BlackSpider Technologies, said: “In security terms, phishing attacks are nothing new. What we’re not used to seeing, however, is such a high volume of phishing emails being directed by one source. Given the sheer number of emails involved in this attack, a lot of people could end up being duped and out of pocket.”