Search Perform an advanced search query SOFTPEDIA
 
SOFTPEDIA
Updated one minute ago
HomeSubmit a program for being reviewedAdvertise on our websiteGet help on surfing our websitesSend us your feedbackGet information about our XML/RSS backend and how to use itBrowse the news archiveVisit our discussion forumVizitati forumul in limba romana



KLIP
  1. HOME
  2. SCIENCE
  3. TECHNOLOGY
  4. WEBMASTER
  5. SECURITY
  6. MICROSOFT
  7. LINUX
  8. APPLE
  9. GAMES
  10. TELECOMS
  11. REVIEWS
  12. LIFE & STYLE
  13. EDITORIALS
  14. INTERVIEWS
  15. RSS
Welcome!
Hello, Guest

Login if you have a Softpedia.com account.

Otherwise, register for one.

SPAM REPORTS

Phishers Add New Techniques to Their Arsenal

- Malware now included in phishing scams

By: Bogdan Popa, Security and Search Engines Editor

How does a phishing scam work? The attacker, a.k.a. the phisher, creates a copy of a legitimate website and sends emails to certain victims asking them to visit
the page. In comparison with the genuine website, the fake one actually requires private information such as credit card details or financial data that would allow phishers to steal money. However, according to recent reports, this is only an old phishing scam as today's attacks seem to be more advanced and tend to adopt more and new techniques.

TrendLabs informed yesterday that phishing attacks had revealed a new trend when it comes to this type of scams: phishers now rely on malware which is supposed to reach the victims' computers and steal the information by itself. What’s the difference? Users are no longer asked to enter their details on a crafted website because the page only attempts to drop a malware to get the info. The entire process is made with the victim's approval as he is asked to download a file claiming to be a legitimate package.

The best example is brought by a recent attack over several banks which tried to push a web bank certificate on the victims' systems. The file was actually made up of some samples of malware which, according to TrendLabs, were detected as TSPY_PAPRAS.AC and TSPY_PAPRAS.AD.

"Traditional phishing involves phishers sending out email messages that lead users to a fake Web site resembling login pages of certain institutions or companies. This time they’ve made sure they can get sensitive user information even without getting users to log in to some fake page. They do this by planting a spy in users’ systems so any relevant user action can be transmitted to a remote server. Unprotected users thus stand to lose sensitive information," TrendLabs explained.

MORE RELATED ARTICLES: Beijing Olympics Hackers Rely on Microsoft Office Vulnerabilities 450 Million Windows Computers Under Attack Phishers Look For New Victims in Panama Users Install Antiviruses but Forget about Anti-Spyware Google Rolls Out Anti-Phishing Filter Unsafe Browsers to Be Banned By PayPal, Safari Among the Favorites
 
Comments | Link here | Subscribe
Print | Send to friend
Today's News | Yesterday's News

Search:

TAGS: security malware email phishing

29th April 2008, 20:06 GMT | Copyright (c) 2008 Softpedia | Contact:
Read by 512 user(s) | Rating: | 7 vote(s) so far | Cast your vote:
Phishers Add New Techniques to Their Arsenal - USER OPINIONS




We are sorry, there are no opinions available for this article.


SHARE YOUR OPINION ABOUT Phishers Add New Techniques to Their Arsenal

Since you are not logged on, your comments will have to be approved before being displayed.
Click here to login, or register.
Your Name:
Your Email:
Type in the result:
Your Opinion:
 


DO YOU WANT TO CONTACT US?  

If you have some comments or you want to send us some information you can send us an email directly to .
You can use the form below for the same purpose.
Your full name: (at least 3 characters)
Your email address: (at least 5 characters)
Message subject: (at least 5 characters)
Message text:
(at least 10 characters)
Type in the result:
 
 
© 2001 - 2008 Softpedia. All rights reserved.
Softpedia™ and Softpedia™ logo are registered trademarks of SoftNews NET SRL.
Copyright Information | Privacy Policy | Terms of Use | Contact Softpedia | Update your software | Archive