All the latest UK technology news, reviews and analysis
|
|
|
20 Aug 2004
Do-it-yourself phishing kits are being made available for download free of charge from the internet, security watchers have warned.
Security company Sophos said that the availability of such kits, which require no technical knowledge to use, means that anyone with web access can potentially launch their own phishing attack and attempt to defraud unsuspecting computer users.
Further reading
The DIY kits were found to contain all the graphics, web code and text required to construct bogus websites designed to have the same look and feel as legitimate online banking sites.
They also include spamming software that enables fraudsters to send out hundreds of thousands of phishing emails as bait for potential victims.
According to estimates by Sophos, hundreds of thousands of phishing emails are sent across the internet every day - and the problem is growing.
Graham Cluley, Sophos senior technology consultant, said in a statement: "Until now, phishing attacks have been largely the work of organised criminal gangs.
"However, the emergence of these 'build your own' phish kits means that any old Tom, Dick or Harry can now mimic bona fide banking websites and convince customers to disclose sensitive information such as passwords, Pin numbers and account details.
"There is plenty of profit to be made from phishing. By putting the necessary tools in the hands of amateurs, it's likely that the number of attacks will continue to rise."
Computer users should be wary of any emails asking them to reconfirm sensitive financial information. Sophos suggests that anti-spam software at the email gateway can prevent these unsolicited email messages from even reaching inboxes.
"Recipients of suspicious emails claiming to come from online banks should just delete them and should certainly not click on the links contained within the messages," said Cluley.
"Web hosts and internet service providers can also play their part in the fight against phishers by closing down websites if they find these kits posted on their servers."
Latest stories from Security
Related articles
Related jobs
Poll
Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?
V3 examines the key strengths and weaknesses of Samsung's latest iPhone killer
Connect with V3.co.uk
Social networking is almost ubiquitous. This white paper examines the benefits and risks and it looks at the different ways companies can reconcile them
The importance of understanding your infrastructure
Credit Risk Modeller, SAS, London, £50,000 Title- Credit...
My London client is looking for an experienced Programme...
My leading client is looking for a number of excellent...
My client, a leading international name in Manufacturing...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?