Gone Phishing
The NOD32 virus-radar project (http://www.virus-radar.com) was originally conceived to report on viruses that are contained in email, but in the year that the system has been
running, its usefulness has proven to be far wider.
Over the last two years or so, there has been a huge increase in so-called phishing scams. Phishing scams usually take
the form of a counterfeit e-mail message, mass-mailed by criminal hackers, purporting to be from the recipient's bank.
These scams try to deceive recipients into disclosing credit card numbers, bank account information and various personal
details. The email messages are often very professional, and really look as if they came from a bank, financial
institution or an ISP. Usually they demand that recipients click on a supplied link, and the text in the message often
urges or threatens users to carry out the requested action - often under the pretext that there has been a problem
with their account, and that for security reasons, the email recipient must follow the procedure to make sure their
internet banking continues to operate correctly. After clicking the link, the targets are sent to a fraudulent site,
which looks just like the institution's web site, and are asked for sensitive information. These scams rely on tricking
the recipient - using techniques sometimes called "social engineering" - into opening the link, and supplying the
requested details.
There is a large variety of these scams that imitate various banks and institutions. The groups behind the "phish" then
make a profit from the submitted information collected from the people they managed to trick.
Although these emails are not traditional malware - for instance, there is not normally any enclosed attachment
containing a virus - Eset's NOD32 antivirus system has the ability to detect such scams. Because of this, virus-radar
will often show when a specific type of fraud is particularly prevalent. Recently, two such fraudulent emails have hit
the top ten malware detected by virus-radar (Figure 1). It's a crime that is clearly successful, as the incidence of new
phishing scams is still on the rise.
The best way to avoid such scams is to make sure you start a fresh browser session when logging on to your internet
bank, and never follow links to it from emails. Your bank will never ask you by email for details such as passwords.
You can keep an eye on the latest malware at http://www.virus-radar.com