Yahoo, Go Daddy hosted websites targeted in two-stage phishing attack

If you control a blog or any small website, beware. Phishers are trying to lure owners of smaller websites that use hosting services from Yahoo, GoDaddy and MediaFire into divulging their administrator logons.

These criminals will then use your small corner of the Web to host faked online banking pages for subsequent, broader phishing campaigns designed to hijack funds from online banking accounts, according to a forensic report from security firm Trusteer.

This is yet another example of how cybercriminals are refining, combining and scaling up simple hacking and social-engineering techniques, says Amit Klein, CTO of Trusteer.

The first stage of this particular attack begins with an email, purporting to come from the hosting provider, that carries a link to a spoofed hosting control-panel login page (Trusteer's example mimics a cPanel login). The recipient is asked to type in logon information as part of "system maintenance."

In the second stage, the attacker logs in to the hosting account with the stolen credentials and uploads faked online banking pages, or begins storing data harvested by broader online banking phishing campaigns.

The advantage gained by this two-stage phishing attack: the intruder never has to break into the website. Exploiting a vulnerability can raise red flags and trigger a defensive response; a login with valid credentials looks like the site owner's own activity.
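Because the attacker uses valid credentials rather than an exploit, intrusion detection and login alerts have little to catch. What does catch the second stage is a content-integrity check on the web root: new or changed files, and in particular new HTML carrying a password form, are exactly what a planted banking page looks like. The following is an added example, not code from the original article or from Trusteer. It assumes a hypothetical web root directory, builds a SHA-256 baseline of it, and on a later run reports what was added, modified or removed; the demo constructs a small blog and then plants a fake bank login the way the article describes.

```python
"""Baseline-and-diff check for unauthorised uploads to a small site's web root.

Added example (not from the original article or from Trusteer). The web root
and the file contents are constructed here for demonstration; the baseline
would normally be stored somewhere the hosting account cannot overwrite.
"""
import hashlib
import os
import re
import tempfile

# An <input type="password"> is the signature of a credential-harvesting page.
PASSWORD_FORM = re.compile(r"<input[^>]*type\s*=\s*[\"']?password", re.I)
PAGE_EXTENSIONS = (".html", ".htm", ".php")


def file_sha256(path):
    """SHA-256 of a file, read in chunks so large uploads do not load into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_baseline(webroot):
    """Map every file under webroot (relative path) to its SHA-256."""
    baseline = {}
    for dirpath, _dirs, files in os.walk(webroot):
        for name in files:
            full = os.path.join(dirpath, name)
            baseline[os.path.relpath(full, webroot)] = file_sha256(full)
    return baseline


def looks_like_credential_page(path):
    """True if a web page file contains a password form."""
    if not path.lower().endswith(PAGE_EXTENSIONS):
        return False
    try:
        with open(path, "r", encoding="utf-8", errors="ignore") as handle:
            return PASSWORD_FORM.search(handle.read()) is not None
    except OSError:
        return False


def diff_against_baseline(webroot, baseline):
    """Compare the live web root with a stored baseline.

    Returns added, modified and removed paths, plus the subset of added or
    modified pages that carry a password form (the ones to look at first).
    """
    current = build_baseline(webroot)
    added = sorted(set(current) - set(baseline))
    modified = sorted(p for p in current if p in baseline and current[p] != baseline[p])
    removed = sorted(set(baseline) - set(current))
    suspicious = [p for p in added + modified
                  if looks_like_credential_page(os.path.join(webroot, p))]
    return {"added": added, "modified": modified,
            "removed": removed, "suspicious": suspicious}


def demo():
    """Constructed scenario: a clean blog, then a planted fake bank login page."""
    root = tempfile.mkdtemp()
    os.makedirs(os.path.join(root, "img"))
    with open(os.path.join(root, "index.html"), "w") as handle:
        handle.write("<html><body><h1>My blog</h1></body></html>")
    with open(os.path.join(root, "img", "logo.png"), "wb") as handle:
        handle.write(b"\x89PNG constructed placeholder")
    baseline = build_baseline(root)  # taken while the site is known-good

    # Stage two: the attacker signs in with the phished hosting credentials and
    # uploads a fake banking login under an innocuous-looking directory, and
    # also touches index.html (e.g. to link the new page).
    os.makedirs(os.path.join(root, "secure", "bank"))
    with open(os.path.join(root, "secure", "bank", "login.html"), "w") as handle:
        handle.write('<form action="/collect.php" method="post">'
                     'User <input name="u"> Pass <input type="password" name="p">'
                     '<input type="submit"></form>')
    with open(os.path.join(root, "index.html"), "a") as handle:
        handle.write("<!-- edited -->")

    return diff_against_baseline(root, baseline)


if __name__ == "__main__":
    for key, paths in demo().items():
        print(f"{key}: {paths}")
```

Run the baseline from a cron job or a CI step and keep the manifest outside the hosting account; an attacker holding the control-panel login can otherwise simply replace it. The password-form heuristic is deliberately loose, so treat "suspicious" as a triage order, not a verdict.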

"Criminals do not need to use hacking tools to upload content to a website," says Klein. "Therefore they can avoid detection until after they have siphoned funds from consumer and business banking accounts."

Trusteer makes a browser plug-in, called Rapport, which it sells mostly to financial institutions. Rapport protects sensitive personal data and disrupts these types of phishing attacks.

There are plenty of free and relatively inexpensive security tools for consumers. But the ultra competitive nature of most tech security vendors makes it a tall task to determine just how these products overlap, and what combination gives you the best bang for the buck.

PC World's Neil Rubenking's review of 12 free security tools is a good place to begin your due diligence.
