A European-based gang behind sophisticated and targeted
phishing attacks on small and medium enterprises has returned after
a five-month break, says security firm iDefense.
From February 2007 to January 2009, the security firm traced 38
different phishing scams that the gang launched from Eastern
Europe.
The gang operates by sending highly personalised e-mails to lure
employees, mainly of SMEs, into opening an attachment containing a
Trojan.
The Trojan then captures usernames and passwords and continues
to gather information on users' online bank accounts, which the
gang later uses to steal money.
Rick Howard, director of intelligence at iDefense, said the
latest attacks are similar in style to those seen five months ago,
but on a larger scale and using a different Trojan.
Phishing attacks, particularly incidents of spear phishing,
increased in volume throughout 2008 and show no sign of abating in
2009, he said.
These types of attacks continue to evolve, said Howard, with
phishers able to mimic legitimate web pages much more effectively,
making them nearly indistinguishable from genuine sites.
"Phishers are also cloaking fake URLs and launching multiple
rounds of attacks from different domains," he said.