This new type of attack, known as a Smart Redirection Attack, is designed to ensure that potential phishing victims always link to a live website. So far two attacks on two different banks - one based in the UK and the other in Canada - have been detected. 

Phishing is the art of tricking or enticing people to share passwords or credit-card numbers by imitating legitimate companies in emails thus making users believe that they are actually are receiving a the message from legitimate company websites. 

How it works

For a Smart Redirection Attack, the fraudster creates a number of similar phishing websites based at different locations. All of the emails received by consumers contain URLs that direct the victim to an IP address that hosts the 'smart redirector'. When the potential victim clicks on the link, the 'redirector' checks all related phishing websites, identifies which sites are still live, and invisibly redirects the user to one of them.

The thinking behind the scam

Fraudsters are aware that once a user identifies the site as fraudulent, He/She will report the site's address, and there's a good chance that someone will shut it down. If the fraudster has used a single address for an entire batch of emails, the entire mailing list directed to that site would be wasted. However, sending the redirector address (hidden from the consumer) assures that the consumer will always reach a live site.

Naftali Bennett, senior vice president at RSA Cyota Consumer Solutions, commented: "As anti-phishing vendors become more adept at shutting down phishing websites, inevitably the fraudsters are looking at ways to minimize the effect this has on their hit rates. Analyzing which websites are still live - and seamlessly redirecting users to them - seems like a good way to raise the stakes. These phishing emails look no different than any other: all the action takes place behind the scenes, so as always users need to remain vigilant. Technology also plays a big part in preventing sophisticated attacks like these."

Clearly we are seeing that the fight between fraudsters and security firm is escalating.  Recent statistics from the Anti-Phishing Working Group (APWG) supports this evidence revealing that the organization detected 15,244 unique phishing reports in December 2005, up from 8,829 in December 2004.   Another survey shows that from the more than 600 business email users, 58 percent receive at least one phishing email every day, while 22 percent receive more than five a day.

Online threats particularly phishing attacks are likely to become even more targeted in the future, and it will be every important for users to be more vigilant.  This new phishing technique sends a clear message to security firms - online threats are here to say, what are you going to do about it?  He who has the knowledge has the power really.

*****

Announcement: Attend the Powertips 2006 "Security Secrets and Strategies" conference on March 16, 2006 (Thursday) at the Grand Ballroom of Dusit Hotel Nikko. Tickets are available at all SM TicketNet outlets or call 911-5555. You can also register online at www.infochat.com.ph

For your comments, questions and suggestions, send your email to techtvhost@yahoo.com

*****

A Secret No More

Who is this I.T. Manager (ITM) who pretends to be fashionable and in style but is actually not.  This ITM proudly went inside a prominent fashion store wearing a product by this fashion store.  This ITM looked around the shop while showing off his/her signature item.  This ITM experienced his/her worst nightmare when the shop's saleslady approached this ITM and said "Excuse me Sir/Mam, you are using an IMITATION of our product".  With all dignity, this ITM said "I KNOW" and left the shop.  DUH!  What in the world are you thinking?   You have disgraced the company that you're representing due to your arrogance, pretentions and shameless acts that is why I am writing about it so that your secret will be a secret no more.