• Sign in to Neowin Faster!

    Create an account on Neowin to contribute and support the site.

Sign in to follow this  

Phishers Target Financial Institutions

Recommended Posts

Slimy    13
Experts concede that phishing schemes remain an extremely troubling threat, specifically for financial services companies, as the attempts to dupe users into sharing their personal information continue to proliferate and increasingly target online banks.

According to the latest research released by security applications maker Symantec, the company's Probe Network detected 157,477 unique phishing e-mail campaigns during the first six months of 2006, an 81 percent increase over the 86,906 phishing attempts it tracked during the second half of 2005. Similarly discouraging results recently published by the Anti-Phishing Working Group indicate that unique phishing sites doubled during the 12 months between June 2005 and June 2006, with 93 percent of those attacks specifically involving attempts to rob customers of financial services companies.

According to researchers at security software maker TippingPoint (a division of 3Com), most phishing attempts remain relatively low-tech, using a time-honored combination of counterfeit e-mails and fake Web sites to trick unsuspecting consumers. However, at the same time, a smaller group of attackers has produced the most elaborate phishing attempts seen yet, the researchers said, including those who used a recently discovered VML (Vector Markup Language) vulnerability in Microsoft's Internet Explorer browser to plant keystroke-logging spyware onto victims' machines.

"It's safe to say that we will probably see higher volumes of low-tech attacks that are aimed at tricking large numbers of people and also greater numbers of very sophisticated attacks that try to steal information from customers of specific businesses," said Tod Beardsley, lead counter-fraud engineer at TippingPoint, of Austin, Texas. "The situation also continues to be compounded by the financial services industry itself, as companies continue to send out very inviting e-mails that are essentially training end users to expect that sort of communication, which makes it easier for attackers to find victims."


Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.