Innovations reported over the past month illustrate how cyber criminals alter their tactics in an attempt to ensnare more victims (WAR Report and WAR Report). One innovation of note was cyber criminals' increased targeting of foreign banks. According to RSA’s Anti-fraud Command Centre, more than 40 percent of all phishing emails are not in English. Moreover, RSA stated that attacks against Spain, France, Germany, and the Netherlands have all increased substantially. As users in the US and the UK have been saturated with a never-ending stream of phishing emails, it appears that cyber criminals are now targeting new victims who may not be familiar with proper information security practices in order to reap greater rewards from their attacks. “Financial institutions in relatively untapped markets with users unfamiliar with phishing attacks are an attractive target,” said Andrew Moloney, senior product manager at RSA Consumer Solutions.
Cloudmark, an email security company, reported another phishing innovation this week. Cloudmark announced that it had intercepted two separate phishing attacks that utilized Voice over Internet Protocol (VoIP), which, according to Wikipedia, is defined as “the routing of voice conversations over the Internet or any other IP-based network. The voice data flows over a general-purpose packet-switched network, instead of traditional dedicated, circuit-switched telephony transmission lines.”
One of the phishing attacks intercepted by Cloudmark came in the form of a spam email that informed customers of a small bank on the US East Coast that there were problems with the customer’s bank account. The standard phishing attack steals victims' personal information by directing them, via the spam email, to a web site designed to look like that of the bank in question, where they are asked to input their personal information. In this case, however, the cyber criminals altered their tactics and instead directed victims to call a phone number to resolve the purported problems with their bank account; calling the bank had until now been a common way to avoid phishing scams. The phone number in the spam email was routed through a VoIP provider to an automated system that asked the victim to input his/her personal information for verification purposes. The attackers allegedly used readily available private branch exchange (PBX) software that allowed them to host a phony automated voice system that mimicked the bank.
By all accounts, phishing attacks have increased dramatically over the past few years. According to German Interior Minister Wolfgang Schaeuble, “In 2005, the attempts at phishing (globally) dramatically increased, by 300 percent compared with the previous year.” Moreover, Schaeuble stated that according to estimates “phishing is successful with up to 5 percent of all Internet users.” However, as phishers increasingly duplicate their tactics, users have become more suspicious of unsolicited emails and more adept at spotting an attack. For example, tools like Netcraft’s toolbar or Site Advisor, which was recently acquired by Verisign, provide users with technology that warns them about potential phishing attacks and other suspicious web sites.
It should, therefore, come as no great surprise that as users have become more adept at spotting traditional phishing, cyber criminals are now altering their tactics in an attempt to attack more victims. Phishers will continue to refine and alter their tactics as long as they continue to profit from these attacks and avoid capture or prosecution.