Phishing: Stealing Phish from Fraudsters
January 30th, 2008 by Shanmuga
"A recurrent group of Moroccan fraudsters calling themselves Mr-Brain has launched a website dedicated to offering easy-to-use phishing site code, email templates and other hacking tools. The website offers phishing kits for many of the most common targets, such as Bank of America, eBay, PayPal and HSBC.
Read the rest of this entry »
If you enjoyed this post, make sure you subscribe to my RSS feed!
Category: Phishing | No Comments »
"A phishing kit targeting the Bank of America contains an interesting insight into the intellectual hierarchy involved in Internet fraud. At first glance, the phishing kit looks attractive to any fraudster – it is straightforward to deploy on any web server that supports PHP, and a single configuration file makes it easy to specify an electronic mail address to receive captured financial details. In addition to requesting the credit card numbers and bank account details, a second form on the phishing site asks for the victim’s SiteKey challenge questions and answers, which can help a fraudster gain access to the victim’s Internet banking facilities.
"Forget the Nigerian prince. Phishing scams are moving beyond the misspelled, far-fetched ruses that clog your in-box and beg for your bank codes. In the year to come, security professionals are warning of bank code-stealing exploits that are much slicker and more convincing–hidden in guises as harmless as a banner ad on a reputable Web site or a message from a friend on a social network.
