Phishers try to catch eBay users

Email phishing, most notably targeting eBay users, continued to rise dramatically in July, IT security watchers warned today.

According to the latest monthly threat report from Fortinet, last month saw a hike in HTML-based phishing emails purporting to come from Ebay. These phishing emails are sent to target email addresses to fool users to sign onto a web page using their eBay logins. The web pages are not affiliated with eBay and  may track login information in order to steal data.

Fortinet researcher Patrick Nolan said: "On a scale of 1 to 10
on creativity, the HTML/Ebay-phish  phishing scam earns high marks on
fooling users."

MyTob variants were  observed on an almost daily basis but spreading of MyTob appears to be reduced, the study found. This containment was attributed to use of improved heuristics that could detect the virus quickly coupled with increased blocking of dangerous file extension types such as .EXE, .SCR and .PIF.

A newly discovered variant of the SDBot  virus was found masquerading as a Microsoft security bulletin. The email contains an attachment that  supposedly contains updates to address the issues cited within the  bulletin, but if run could be used by remote hackers to take control of compromised PCs.

Virus detections, including heuristics, were found to be down 28 per cent for the month of  July. Detections for malware were also down by 15 per cent.

Fortinet researcher Bryan Lu said: "Let's not rest on our laurels however. We cannot downplay the importance of regular signature, and security updates.

"More than 47 million viruses were detected for July, and that's still a big  number."