Phishing

From Total Malware Info

There are several technical ways of phishing control. In this paper we’ll consider some of them.

Phishing is kind of internet fraud. It’s used for stealing the confidential information through the distribution fake mail from providers, banks and other different organizations. Usually such mail look like reports about different events (system errors, data loss and even updating system for phishing control). These reports say that user has to update or confirm user’s confidential information. Phishing rises month after month. More and more users undergo to phishing. Spam is delivered to millions of e-mails in the whole world. There are committed attacks for certain clients’ groups. By using different kinds of attacks phishers can mislead users for getting their financial information. According to the report of Anti-Phishing Working Group (www.anti-phishing.org ) (July 2007) we can see trends of the development of the phishing sites during July 2006 to July 2007:

99% of particular users are become victims of a phishing. Statistics of phishing attacks in the world:

It is natural that banks and other e-payment systems (leaders – PayPal, eBay) more often become victims of phishing attacks. Example of phishing site of e-payment system PayPal:

Phishers steal confidential information for spam creation if they can’t get access to cash assets.

The fragment of Trojan-Spy.HTML.Paylap.bg:

Recently, the most popular “mobile phishing”. Frauds ask victims to transfer money to their personal accounts. When phishers steal ICQ number they messages all users from contact list and ask them to barrow some money. Also it could be some forums’ messages. Spammers have databases with millions of e-mails. More often spam go through the cracked ftp-servers or through the global networks so it’s impossible to find the phisher.

Methods of phishing organization

• Using IP addresses instead of domain names in links to fake web-sites. Many users won’t check (or they don’t know how to check) a belonging of IP address to a real host of organization.
• Registration of the similar DNS domains.
• URL Obfuscation.
• Configuration of phishing site. For an example, store any information (login, passwords, etc.) and then redirect user to a real web-site.
• Making a network of fake web-sites on different servers. The address that specified in a mail leads to only server that has a “smart redirector” (script, which is checking a status of all fake web-sites and then redirect user to one of them).
• E-mail and spam. The part of spam in mail traffic in October has increased to 85% - 90% of total capacity in Runet.

Thematic structure of spam:

• Trojan programs use vulnerability in web-browsers and redirect users to phishing sites.
• Falsification of advertising banners. Harmful advertisement are flash-banners which redirect users to another web-sites that download different files from internet.

Phishing banner:

• Using of P2P Networks. Using bots into many popular channels means that it’s easy to falsify information.

How protect yourself from phishing attacks?

1. Don’t reply to mail which ask your confidential information. Usually banks and financial companies which interested in e-commerce send personalized messages. Phishers never do this. They use different marked headlines (“Your details could be stolen!”).
2. Check your on-line accounts regularly. If you’ve detect suspicious transaction you have to contact your bank immediately.
3. Check security level of web-site. If a web-site is located on a protected server then it must have such address "https://" (“s” means security).
4. Don’t reply to mail from banks or assets and other organizations because they never do it. If you’re doubt it then check up it by phone. But don’t use phone number that said into the message.
5. Use Antivirus software to protect your computer (turn on Anti-hacker security).