Phishers target Christmas shoppers

Consumers should be on their guard against a "particularly devious" phishing scam which aims to hijack their Christmas shopping and divulge sensitive financial details to cyber-criminals.

According to IT security firm CyberGuard, the latest scam uses fake e-commerce sites offering 'bargain' Christmas gifts.

The sophisticated fraud works when people search on the internet for items they want to buy, and click on a link. They are then directed to a legitimate looking web page and instructed to 'Click here to download images' of what they want to buy.

What they end up downloading is a self-extracting zip file that installs a Trojan on their PC.

This malware then redirects legitimate financial institution links to fraudulent websites allowing the scammer to harvest the user's details.

Paul Henry, a senior vice president at CyberGuard, warned: "Between 80 and 100 new phishing websites are starting up daily. Scammers are getting much more sophisticated and they are harder for users to detect.

"If it looks too good to be true, it probably is. Don't let the Grinch steal your Christmas."

The warning follows recently published reports from the Anti-Phishing Working Group that indicate a 100 per cent increase in the number of phishing sites between September and October 2004.