Originally published April 19 2005
Phishing expeditions becoming more sophisticated, warn security experts
by Mike Adams, the Health Ranger, NaturalNews Editor
The number of phishing e-mails tracked by the Anti-Phishing Working Group grew only two percent between January and February of 2005, a significant reduction from the average monthly growth rate of 26 percent since June of 2004. However, experts warn that the phishing community is moving to more complex and sophisticated attacks. Early phishing attacks often relied on the technological naivet� of their victims. However, new phishing schemes use web sites that appear virtually identical to legitimate corporate sites, as well as attacks that do not attempt to directly gain access to customer information, but instead try to discover user's passwords on third-party sites.
There's good news about phishing: The growth of new attacks has slowed.
But that's only because attackers are building more sophisticated traps and using advanced technology to perpetrate online fraud, researchers say.
Last week, the Anti-Phishing Working Group, an online fraud watchdog, reported that the number of phishing e-mails it tracked between January and February grew by only 2 percent.
That figure seems to mark a significant lessening of the threat, given that the average growth rate has been 26 percent per month since July 2004.
But during the January-February period, phishing attacks also became dramatically more complex, experts said.
Whatever form they take, phishing fraud schemes--including offshoots such as pharming, cross-site scripting and DNS poisoning--are getting smarter.
"Phishers are thieves, and thieves in the online world, as in the real world, are working very hard to separate personal financial information and other data from their victims," Microsoft attorney Aaron Kornblum said.
The software maker recently filed 117 lawsuits against alleged operators of phishing Web sites--a major step forward in thwarting online criminals, according to Kornblum.
New crooks, more-effective tricks The first wave of phishing attacks played on the ignorance of unsuspecting consumers, spamming their in-boxes with e-mails that looked like they linked to Web sites belonging to banks, investment companies and e-commerce businesses such as eBay.
In reality, they were fake pages designed to lure people into divulging account login data, or other sensitive personal information that could enable the crooks to commit identity fraud.
Recent attacks have gotten more sophisticated, with advances in phishing schemes that use e-mail and the creation of fraudulent Web pages that appear almost identical to their legitimate counterparts.
By inserting the attempt among legitimate sites and incorporating antifraud rhetoric, phishers could pull in more targets, said Dan Ashby, a senior vice president at Mail-Filters.
All content posted on this site is commentary or opinion and is protected under Free Speech. Truth Publishing LLC takes sole responsibility for all content. Truth Publishing sells no hard products and earns no money from the recommendation of products. NaturalNews.com is presented for educational and commentary purposes only and should not be construed as professional advice from any licensed practitioner. Truth Publishing assumes no responsibility for the use or misuse of this material. For the full terms of usage of this material, visit www.NaturalNews.com/terms.shtml