Peter Dinham
Monday, 13 July 2009 15:37
Business IT -
Security
Page 1 of 2
Spammers have employed a new technique in their phishing attacks on the Australian Taxation Office website in an attempt to snatch tax refund details from users of the site doing their tax return online.
In the phishing scam, described by Symantec as
technically ‘very nifty, the intended victims were asked to supply
details and print a form which, when completed, was to be sent to the
mailing address to process the tax refund.
According to Symantec in its latest phishing report, if someone
completed the form and clicked on the "print" button, what actually
happened was that the confidential information was sent to a server
utilising the fraud domain. (iTWire readers were
warned of this phishing ploy in June.)
Symantec says in the scam it observed the new technique being used by
scammers at the close of the financial year, with most of the phishing
attacks traced back to compromised Web servers hosted in Germany and
Australia.
However, “fortunately the Australian Taxation Office took serious note
of the phishing attacks and worked diligently to gain control over it,”
Symantec says.
In its report, Symantec also says it observed that in June 62 percent
of all attacks around the world were from unique phishing Web sites,
which included more than 208 targeted known brands. In the Asia Pacific
region, including Australia, Symantec observed an overall increase of
21 per cent in phishing attacks in comparison to May.
Worldwide, Symantec reports that the unique attacks increased by 27
percent from the previous month, with the increase likely to be a
result of phishers evading the phishing mitigation tactics of several
web hosting companies to their benefit, and partially attributed to an
overall increase in the volume of phishing activity in June.
CONTINUED page 2
LATEST HEADLINES FROM YOUR IT
