RSA Catches Financial Phishing KitBy Patrick Hoffman | Posted 2007-01-10 Email Print
Modernizing Authentication — What It Takes to Transform Secure Access
The security company identifies a new phishing kit that is being sold and used online by fraudsters who are targeting financial organizations.RSA, The Security Division of EMC, announced Jan. 10 that it has identified a new phishing kit that was being sold and used online by hackers to target users' personal information in real time.
The phishing kit, known as a Universal Man-in-the-Middle Phishing Kit, is meant to help online hackers create attacks involving financial organizations by enabling the hacker to create a fake URL through a user-friendly online interface. The fraudulent URL communicates with the legitimate Web site of the targeted organization in real time.
The target receives a standard phishing e-mail, and if the target clicks on the link, he or she is sent to the fake URL. The target thinks that he or she is working with content from the legitimate Web site, but in fact, the fake URL allows hackers to access the targets' personal information, RSA said.
"As institutions put additional online security measures in place, inevitably the fraudsters are looking at new ways of duping innocent victims and stealing their information and assets," Marc Gaffan, director of marketing for Consumer Solutions at RSA Security, based in Bedford, Mass., told eWEEK.
The new phishing kit was uncovered by RSA's AFCC (Anti-Fraud Command Center), a 24/7 team of 40 trained fraud analysts that work to mitigate online fraud.
The AFCC handled the kit by using an extensive monitoring and detection network, a broad blocking network and its site-shutdown capabilities.
"Using various technologies and procedures, the AFCC detects phishing attacks, analyzes them and works to shut them down on behalf of our FraudAction customers," Gaffan said.
RSA analysts said the phishing kit has two main benefits for hackers. One, the hacker does not have to purchase or prepare a custom phishing kit for the organization being targeted, and two, the attack can intercept any type of credentials that are sent in to the site after the user has logged into his or her account.
"While these types of attacks are still considered next-generation, we expect them to become more widespread over the course of the next 12-18 months," Gaffan said.
However, Gaffan said the AFCC will continue to shut down these kinds of attacks.
"The analysts at the AFCC work around the clock on behalf of the banks, so the banks can outsource the headache of detecting, shutting down and dealing with attacks in general," Gaffan said. "The AFCC has vast experience in the industry and deep expertise in online fraud and banks can benefit from that and enjoy the economies of scale."
The AFCC service varies in price depending on the type of service a bank selects as well as the size of the bank.