Security experts have warned that a previously undocumented phishing kit is being sold and used online by fraudsters.
The newly uncovered Universal Man-in-the-Middle Phishing Kit is designed to allow cyber-criminals to create sophisticated attacks against global organisations in which the victims communicate with a legitimate website via a fraudulent URL.
RSA's experts reported that they had analysed a demo of the kit that was being offered as a free trial on an online forum known to be frequented by fraudsters.
Using the Universal Man-in-the-Middle Phishing Kit, the scammer creates a fraudulent URL via a simple and user-friendly online interface.
This URL communicates in real time with the legitimate website of the targeted organisation, whether it is the online banking site of a financial institution, the order tunnel of an e-commerce company, or any other such business transacting with its users online.
The victim then receives a 'standard' phishing email with a link to the fraudulent URL and interacts with genuine content from the legitimate website which has been "imported" by the attack into the phishing URL.
This affords the fraudster seamless and immediate access to the victim's personal information.
Marc Gaffan, director of marketing for consumer solutions at RSA, said: "As institutions put additional online security measures in place, the fraudsters are looking at new ways of duping innocent victims and stealing information and assets.
"While these types of attacks are still considered 'next generation', we expect them to become more widespread over the course of the next 12 to 18 months."
Acton's warnings come as Facebook is embroiled in one of the biggest data scandals in history
The unmanned tanks could eventually be kitted with AI systems
Dubbed I-MacEtch, it will help meet demand for more powerful nano-tech
GPU firm's research unit for self-driving cars is growing