Phishers are rapidly becoming more sophisticated with the development of
malicious crimeware software that can bypass conventional IT security systems
and steal identity information for financial crime, the Anti-Phishing Working
Group (APWG) warned today.
In July 2005, APWG researchers found that phishers are designing systems
specifically to neutralise the counter-phishing technologies being deployed by
financial institutions and ecommerce sites.
"The technological contest between phisher and counter-phisher is well and
truly underway," said APWG chairman David Jevans. "It is a contest of
escalation."
APWG researchers reported a marked increase in screenscraper technology by
phishers. This shift aims to counter the graphical keyboard systems some
financial services firms are using to avoid the hazards of keylogging Trojans
that phishers have been using to mine the usernames and passwords directly from
the keyboard entry of alphanumerics and symbols. When the user mouseclicks a
character on the graphical keyboard, the screenscraper takes a snapshot of the
screen and sends it to the phishers' server for inspection, according to APWG
researchers.
Dan Hubbard, senior director of security for Websense and APWG analyst, said:
"Crimeware continues to evolve as we have seen the deployment of advanced
techniques to steal information.
"These Trojan horses are moving beyond keylogging and now capture screenshots
to obtain end-user credentials."
APWG reported that it had received some 14,135 unique phishing reports in
July, down from 15,050 in June. In July 2005, 71 brands were reported as being
phished, down from a high of 107 different brands being phished in May 2005.
However, phishers were found to be spreading their nets, and moving away from
some traditional marque name financial institutions and hitting a wider base of
smaller financial institutions. Financial institutions made up 86 per cent of
all phishing targets, down slightly from a recent high of 91 per cent.
APWG secretary general Peter Cassidy said: "Our hope was that as the large
financial institutions gained expertise in thwarting and deflecting phishing
attacks, phishers and their spam-based schemes would become ineffective as
probabilities of landing phishing mails into inboxes of small institutions'
customers decreased their intake of user credentials."
"Instead, phishers have employed internet marketing practices of list
creation and affinity marketing to target and leverage the trust of small
institutions."
APWG also reported that in July, there have been increased numbers of
variants and new banking keyloggers. There were some 174 phishing-based Trojans
detected in July, up from 154 in June. The numbers of websites that were hosting
these keyloggers rose even more dramatically, with almost a 100 per cent
increase.
The full text of the report is online
here.
Do you agree?
Have your say on this article