If you control a blog or any small website, beware. Phishers are trying to lure owners of smaller websites who use hosting services from Yahoo, GoDaddy and MediaFire into divulging their administrator logons.
The criminals then use your small corner of the Web to host faked online banking pages for subsequent, broader phishing campaigns designed to hijack funds from online banking accounts, according to a forensic report from security firm Trusteer.
This is yet another example of how cybercriminals are refining, combining and scaling up simple hacking and social-engineering techniques, says Amit Klein, CTO of Trusteer.
The first stage of this particular attack begins with an email, purporting to come from the hosting provider, that carries a link to a lookalike login page like the one shown below. The recipient is asked to type in logon credentials as part of "system maintenance."
Later, the attacker will access the website and upload faked online banking pages, or begin storing stolen data in support of broader online banking phishing campaigns.
The advantage of this two-stage approach: the intruder never has to break into the website itself, an act that can raise red flags and trigger defensive measures. Logging in with stolen credentials looks like the owner's own activity.
“Criminals do not need to use hacking tools to upload content to a website,” says Klein. “Therefore they can avoid detection until after they have siphoned funds from consumer and business banking accounts.”
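Because the attacker logs in with the owner's own credentials, the hosting provider's intrusion detection has nothing to flag; the one thing that does change is the content of the web root. The check below, an added example rather than code from the article or from Trusteer, snapshots a site's files and reports anything added, modified or removed since the last known-good snapshot, with extra emphasis on new HTML, PHP or JavaScript files of the kind a phisher drops. The sample site and the "uploaded" fake banking page are constructed inside a temporary directory so the script runs offline; in practice the baseline manifest should be stored outside the web root and the check run from cron.

```python
"""Baseline-and-diff check for a web root.

Added example, not the article's or Trusteer's code. Paths, sample files
and the constructed attack scenario in demo() are all assumptions.
"""
import hashlib
import json
import os
import tempfile

# File types a phisher typically uploads to a hijacked site; any new or
# changed file with one of these suffixes is reported as suspicious.
SUSPECT_SUFFIXES = (".html", ".htm", ".php", ".js")


def sha256_file(path, chunk=65536):
    """Hash a file in chunks so large uploads do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def build_manifest(root):
    """Map every file under root (relative, '/'-separated) to its SHA-256."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            manifest[rel] = sha256_file(full)
    return manifest


def save_manifest(manifest, path):
    """Persist the known-good snapshot; keep it outside the web root."""
    with open(path, "w") as f:
        json.dump(manifest, f, indent=2, sort_keys=True)


def load_manifest(path):
    with open(path) as f:
        return json.load(f)


def diff_manifests(baseline, current):
    """Compare two manifests and classify the differences."""
    added = sorted(p for p in current if p not in baseline)
    removed = sorted(p for p in baseline if p not in current)
    modified = sorted(p for p in current
                      if p in baseline and current[p] != baseline[p])
    suspicious = [p for p in added + modified
                  if p.lower().endswith(SUSPECT_SUFFIXES)]
    return {"added": added, "removed": removed,
            "modified": modified, "suspicious": suspicious}


def demo():
    """Constructed scenario: snapshot a small blog, then simulate an
    attacker using stolen hosting credentials to upload a fake bank login
    page and append a redirect to the home page."""
    root = tempfile.mkdtemp(prefix="webroot-")
    os.makedirs(os.path.join(root, "img"))
    with open(os.path.join(root, "index.html"), "w") as f:
        f.write("<h1>My blog</h1>\n")
    with open(os.path.join(root, "img", "logo.png"), "wb") as f:
        f.write(b"\x89PNG\r\n\x1a\n")           # constructed placeholder bytes

    manifest_path = os.path.join(tempfile.mkdtemp(prefix="baseline-"),
                                 "manifest.json")
    save_manifest(build_manifest(root), manifest_path)

    # The "upload": no exploit, just the owner's credentials being used.
    os.makedirs(os.path.join(root, "secure-login"))
    with open(os.path.join(root, "secure-login", "index.html"), "w") as f:
        f.write("<form action='collect.php'>Bank login</form>\n")
    with open(os.path.join(root, "index.html"), "a") as f:
        f.write("<meta http-equiv='refresh' content='0;url=/secure-login/'>\n")

    return diff_manifests(load_manifest(manifest_path), build_manifest(root))


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

A clean run reports empty lists; the constructed scenario reports the new `secure-login/index.html` as added and `index.html` as modified, both flagged suspicious. Hashing rather than checking modification times matters here, because an attacker with legitimate access can set whatever timestamps they like.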
Trusteer makes a browser plug-in, called Rapport, which it sells mostly to financial institutions. Rapport protects sensitive personal data and disrupts these types of phishing attacks.
There are plenty of free and relatively inexpensive security tools for consumers. But the ultra-competitive nature of most tech security vendors makes it a tall task to determine just how these products overlap, and which combination gives you the best bang for the buck.
The review of 12 free security tools by PC World's Neil Rubenking is a good place to begin your due diligence.