Phishing by proxy

It is likely already old hand to security researchers that the evolution of phishing attacks are using a black velvet paint by numbers board of increasing complexity, but I personally have recently been witness to an increase in something *new to me* which is Phishing by Proxy... and now quickly being followed closely by Money Mule recruitment by proxy.

I had been investigating reports of phishing and miscreant web sites being hosted in specific user land network IP space, only to discover they were not in fact malicious users and in fact innocent users who had somehow been duped and computers compromised, resulting in a proxybot infection that would phone home announcing the availability of anonymous proxy redirect services offering controllable port TCP port 80 and 443 redirects to an upstream mothership. SANS - Internet Storm Center - Cooperative Cyber Threat Monitor And Alert System

Linked by shanmuga Tuesday, 28th November 2006 11:58PM