Fraud attempts grow with Trojans, keystroke loggers and stolen screenshots
vnunet.com, 20 Apr 2004
Groups attempting to trick internet users into revealing bank account details and other sensitive information are stepping up their efforts.
According to figures from internet firm MessageLabs, the number of phishing emails it has encountered has increased from 279 in September 2003 to 337,050 in January 2004.
Other phishing groups are also using new techniques to defeat technical measures put in place to foil their scams.
Some infect a host PC with a Trojan and use keystroke loggers to steal passwords for later use.
To combat this, banks have introduced innovative designs on their websites that allow users to pull down menus to enter passwords rather than key them in directly.
But now Australian anti-spam group Code Fish has discovered a new Trojan that attempts to steal passwords by stealing screenshots rather than keystrokes.
Users are sent what looks like an invoice for the purchase of a website. But a VBScript Trojan, svchostss.exe, is automatically downloaded if they check out the site that the email claims they have bought.
This Trojan then attempts to take screen grabs from the PC whenever it is used to access financial sites, including that of Barclays Bank.
Barclays said in a statement: "As you would expect, we closely monitor changes and developments in this space and work closely with other banks and the Hi-Tech Crime Unit.
"We also guarantee to customers that they will not bear any financial loss as a result of fraud against them.
"We are encouraging them to regularly update their antivirus protection software/firewall software and never to reveal their complete ID/password information. Also simply to delete any suspicious emails without opening them."
David Linford, director of anti-spam organisation SpamHaus, said better cooperation between law enforcement agencies could end phishing.
"What the spammers don't realise [is] that they aren't really anonymous - noone is on the internet.
"If law and order wanted to stop this they could if they started talking to each other - cooperation between forces is missing. Most of these [attacks] are coming form Poland and Russia and with international cooperation these computers could be seized."
The UK National Hi-Tech Crime Unit said it is working with colleagues abroad. A spokeswoman told vnunet.com: "We're currently working with overseas forces but have to be at the behest of their jurisdictional systems.
"Naturally we can't comment on ongoing investigations but phishing is being looked at."
As the bad guys get smarter, what can you do? James Watson and Emma Nash find out
Estimated 1.8 million US adults conned out of $1.2bn last year
Eastern Europeans under arrest as Hi-Tech Crime Unit swoops on addresses in London and Kent
Hi-Tech Crime Unit arrests Lancashire man over alleged phishing attack on internet bank users
Remote access - Three steps to getting connected
3.4 million UK professionals now work from home – is your company equipped?
Cost benefits of a global collaboration network
This white paper is a must read for organisations looking for evidence of the bottom-line benefits of high-definition video and voice communications
Keep up to date with the latest products, services and technologies from the world's leading IT companies; IThound.com brings you over 6,000 white papers, case studies and analyst reports.
Open Text chief predicts more consolidation in ECM market
We ask the BlackBerry maker's head of security what CIOs...
Do you agree?
Have your say on this article