Wednesday, 30 May 2007

BBB Spear Phishing Trojan

Source: SecureWorks
This story has been reported on and off for a few days, but this source is the most informative to date. Someone has carefully crafted a list of executives at companies, then sent them a forged Better Business Bureau complaint, correctly personalised with the name and company of the executive. The aim of the phish is to install a trojan IE "browser helper object" which leaks all data submitted in all forms (regardless of SSL encryption) to the phisher.

Sunday, 27 May 2007

Map of 713 "419" Scammers in the UK

Source: Times Online
A Dutch company called "Ultrascan" has created a Google map showing the locations of 713 Advance Fee Fraudsters in the UK (mostly the greater London area) that they tracked down in 2006. The fraudsters always target victims in other countries, and these were primarily targeting the middle and far eastern countries. The UK police almost completely abandoned prosecution of these scammers in 2006, saying that "they preferred to disrupt 419 scammers by taking down their websites and stopping their internet access."

Saturday, 26 May 2007

Malware-based phish attack seen in the wild

Source: The Register
A reader of The Register wrote in to report a somewhat inscrutable phishing technique. Apparently his computer has been infected with malware capable of recognising a number of online banking sites and other popular phishing targets, and inserting a phishing page into the usual stream of activity. This bypasses all the usual checks for known phishing sites, since the browser isn't actually being directed away from the legitimate site: it's just not displaying data from the legitimate site. The victim's copy of IE was affected by this hack, but Firefox was not.