INDEPENDENT NEWS

Advanced ‘Next Generation’ Phishing Kits

Published: Thu 17 Jul 2008 04:59 PM
MEDIA ALERT
Fraudsters Discovered Using Advanced ‘Next Generation’ Phishing Kits
--New database capabilities allow for more efficient mining of stolen user data--
Auckland, New Zealand, July 17, 2008 – RSA, The Security Division of EMC, today released highlights from its June 2008 monthly online fraud report. This month the findings focused on recently discovered advances in the storage, mining and manipulation of stolen user data. According to the report, the RSA Anti-Fraud Command Centre (AFCC) discovered new phishing kits that allow fraudsters to store stolen data in specialised MySQL databases on their phishing servers.
The main advantage of these specialised databases is that they are user-friendly, allowing fraudsters to quickly and easily view the results of a phishing attack and manipulate the data. The newly discovered format is more efficient for cyber-criminals as it eliminates the process of reviewing each piece of data as a text file, followed by data clean-up, piece by piece. According to the report, the AFCC has in some cases recorded fraudsters filtering the list of victims as well as deleting pieces of false or partial data.
Fraudsters who use these latest phishing kits easily can now manage the stolen data stored in the databases, in a similar manner to Trojan herders and their management of Trojan logs.
Like many other fraudster innovations, these kits are not a new threat to banks or their users but simply an improvement that makes the fraudsters' ability to use the stolen data that much easier. As a result, these kits grow in popularity within the fraudster community and eventually become a commodity – until the next innovation!
# # #
About RSA
RSA, The Security Division of EMC, is the premier provider of security solutions for business acceleration, helping the world's leading organizations succeed by solving their most complex and sensitive security challenges. RSA's information-centric approach to security guards the integrity and confidentiality of information throughout its lifecycle – no matter where it moves, who accesses it or how it is used.
RSA offers industry-leading solutions in identity assurance & access control, data loss prevention, encryption & key management, compliance information management and fraud protection. These solutions bring trust to millions of user identities, the transactions that they perform, and the data that is generated. For more information, please visit www.RSA.com and www.EMC.com.
ENDS

Next in Business, Science, and Tech

General Practices Begin Issuing Clause 14 Notices In Relation To The NZNO Primary Practice Pay Equity Claim
By: Genpro
Global Screen Industry Unites For Streaming Platform Regulation And Intellectual Property Protections
By: SPADA
View as: DESKTOP | MOBILE © Scoop Media