Phishers Become More Sophisticated - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
News
News
12/30/2005
02:02 PM
50%
50%

Phishers Become More Sophisticated

Open redirects were one of the favorite tactics of phishers in 2005, said Web-tracking and anti-phishing company Netcraft, and they're a good example of fraudsters' increasing proficiency.

Fraudsters stayed a step ahead of gullible Internet users in 2005 by fine-tuning their tactics and turning to more sophisticated strategies, a U.K.-based Web monitoring firm said Friday.

Open redirects were one of favorite tactics of phishers in 2005, said Web tracking and anti-phishing company Netcraft, and a good example of fraudsters' increasing proficiency.

Redirects, essentially scripts on the Web server, are used by legitimate domains to redirect users to other parts of a large site from, for instance, the home page. Phishers can sometimes exploit these scripts to send users to a fraudulent site when users click on a link in a real site. The user may not even notice that he's been redirected to a phishing site rather than, say, a legitimate log-in page.

Netcraft pointed to several examples of redirection attacks in 2005, including one that used an incorrectly configured government site to fool users into giving up Social Security and credit card numbers. Users were enticed to the real site by e-mail that promised them a tax refund by the IRS.

Other phishing trends Netcraft spotted during 2005 included the appearance of pharming attacks and fraudulent e-mails that included HTML-based forms, a tactic that eliminated the need to craft elaborate Web sites to trick users.

Also in 2005, phishing attacks -- which are spawned by massive amounts of spam -- began using the spammer technique of replacing text with image-based e-mails to avoid detection by keyword-sniffing spam and phishing filters.

"Phishing attacks are continually evolving, as fraudsters develop new strategies and quickly refine them in an effort to stay a step ahead of banking customers and the security community," said a Netcraft spokesman in a statement.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
2020 State of DevOps Report
2020 State of DevOps Report
Download this report today to learn more about the key tools and technologies being utilized, and how organizations deal with the cultural and process changes that DevOps brings. The report also examines the barriers organizations face, as well as the rewards from DevOps including faster application delivery, higher quality products, and quicker recovery from errors in production.
News
The State of Chatbots: Pandemic Edition
Jessica Davis, Senior Editor, Enterprise Apps,  9/10/2020
Commentary
Deloitte on Cloud, the Edge, and Enterprise Expectations
Joao-Pierre S. Ruth, Senior Writer,  9/14/2020
Slideshows
Data Science: How the Pandemic Has Affected 10 Popular Jobs
Cynthia Harvey, Freelance Journalist, InformationWeek,  9/9/2020
Register for InformationWeek Newsletters
Video
Current Issue
IT Automation Transforms Network Management
In this special report we will examine the layers of automation and orchestration in IT operations, and how they can provide high availability and greater scale for modern applications and business demands.
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll