Auto toolkit phishing attacks continue to rise

Peter Dinham
Monday, 10 August 2009 15:31

Business IT - Technology

The use of automated phishing toolkits continues unabated, with the number of phishing URLs generated using the toolkits soaring to 63 percent in July, an increase of 150 percent.

In its August phishing report, Symantec also says the number of free web hosting services used for developing phishing sites increased significantly, with more than 130 used in July, accounting for six percent of all phishing attacks.

Symantec observed that there was what it called a “vast increase” in toolkit attacks during the first half of July, primarily targeting the information services sectors.

According to Symantec, the increased toolkit attacks observed since the previous month continued to primarily target “a social networking site popular in the United States.”
 
“This toolkit attack is in all likelihood related to a specific command & control server being reactivated. These attacks targeted towards the information services sector, facilitates attackers in the collection of personal data to leverage further spamming activities.”

At the same time, the security firm says it observed an increase in attacks employing fraudulent use of hijacked web pages, with the pages appearing legitimate, offering intended victims a false sense of security.

Symantec reports that it observed that 37 percent of all attacks were from unique phishing websites, which included more than 226 targeted brands, and, although the unique phishing activity decreased by only eight percent in July, the proportion of unique phishing URLs decreased considerably from 62% in June to 35% in July – all as a result of a sharp increase in toolkit activity as “the trending of the two is usually inversely correlated.” 

CONTINUED page 2