Tuesday, December 16, 2008

Phishing Attacks Increased Alarmingly by 240%

The security firm Websense unveiled that out of every 50 e-mails, three are phishing e-mails sent by scammers, representing a month-on-month rise of 240%, or accounting for about 83% of all sent mails.

Websense observed that 90.5% of spam e-mails were containing an URL, a percentage that has never been seen earlier. Security experts justified this fact by stating that in recent times, scammers have started to deploy more sophisticated techniques to exploit the current financial crisis.

The security experts further stated that once again it is the work of a key gang of phishers that has led to this significant increase in the level of phishing attacks. Majority of the criminals use the phising kits, including a typical subdirectory dubbed "rock", designed to attract the unaware users towards the bogus websites. But once the phishing filters started seeking the word, the gang put an end to this technique.

The analysis also revealed that scammers are constantly pushing in various sophisticated packages of malicious codes, including "blended threats" that makes use of the phony images and links. These malicious contents can get installed secretly onto the victim's PC.

Further, the criminals have launched a phishing technique where an incomplete form is also able to reveal the sensitive data of the user, even if a user sends back the form to the fake website by filling in bogus details.

Earlier in August 2008, SecureWorks researcher Joe Stewart revealed the way in which an incomplete form, sent back to a site hosting Asprox botnet, resulted into further exploits of the user's browser.

Such attacks could be detected and restricted only with the help of professional expertise. They also warned the firms which are comprehensively dependent upon the internal security measures.

Moreover, the attacks are very devastating and highly sophisticated. So in lack of a strongly responding security solution, customers may witness storage capacity and bandwidth problems, slowdown in productivity, and exploitation of sensitive information.

Furthermore, a research by SANS Internet Security Centre shows that a well-designed phishing e-mail can attain a click-through rate of around 10% while that of a targeted one can exceed 80%.

Resource: http://www.spamfighter.com/

No comments: