New Phishing Attacks Fool Users

A new phishing attack that poses as a message from eBay Inc. is loose on the Web and fooling users with a genuine-looking message. The attack uses an E-mail that appears to come from eBay and says the company needs some information to protect the customer from Internet attacks. If users click on a link, they are taken to a form that asks for personal information, which is captured by the bad guys and could be used for identity theft and other problems.

The messages were first spotted in Israel by security vendor Fortinet Inc., which reported Friday morning that security appliances at its customer sites had recorded 46,000 hits by the phishing wave. Based on the number of attacks and the speed at which they're spreading, Fortinet said this phishing attack ranked in the top 10 of all time. Fortinet said it recorded 12,000 hits in the first two hours after the first one was detected Thursday evening.

"On a scale of 1 to 10 on creativity, this one is high up on fooling users," says Patrick Nolan, virus researcher at Fortinet. "But after the first click, it brings on text looking like any other phishing attack." He thinks the hackers are working hard to spread the attack quickly, because Fortinet usually sees only a couple of thousand phishing messages. "This far surpasses the common mass mailings we see," Nolan says.

"The best attacks are the ones that look real, like this one," says Pete Lindstrom, founder and analyst at Spire Security. But the large number of phishing messages being sent out made this attack easier to spot. Lindstrom notes that eBay no longer asks customers to provide information using links within E-mails and instead uses other channels to communicate with the.

The emphasis on making the Web easy to use is helping to fuel the boom in phishing and spyware, he says. "We've decided so far to forego validating sources and building out trusted directories" in favor of easy links that people can just click on.