Hackers are using live online chat windows to carry out a new
type of phishing attack to steal personal banking details, warns
RSA, the security division of EMC.
The attacks redirect victims to a website that asks for confirmation
of user name and password and then displays a fake live chat
support window.
The live chat message appears to be from the fraud department of
the victim's bank and asks them to validate their account by
entering some contact information.
Fraudsters then collect further information about the victim
such as name, phone number, email address and answers to questions
used for customer authentication.
These details may enable online or phone fraud against the
victim's account, according to the latest monthly report by the RSA
anti-fraud command centre.
A US-based financial institution has fallen victim to the
attack, but the report said users of all online banking sites
should be wary of similar chat activity.
The attack, dubbed "chat-in-the-middle", is hosted on a network
associated with a wide variety of cyber criminal activities, the
report said.
The network, known as a fast flux network, uses peer-to-peer
technology to change the location of command-and-control servers
continually to avoid detection by law enforcement authorities.
The live chat tactic ensures that cybercriminals receive
compromised information in real time, increasing opportunities for
attack, the report said.
The number of phishing attacks for August broke the previous
monthly record of 15,000 set in April 2008 to reach an
unprecedented total of 16,164.
Standard phishing attacks increased only 2% in August, compared
with a 38% increase in the number of fast flux attacks, RSA
researchers found.
The sharp spike in fast flux attacks in August led to a 22%
increase in the overall number of phishing attacks in July, the
report said.