SMEs hit by increasing spear phishing attacks


SMEs hit by increasing spear phishing attacks

Warwick Ashford

A European-based gang behind sophisticated and targeted phishing attacks on small and medium enterprises has returned after a five-month break, says security firm iDefense.

From February 2007 to January 2009, the security firm traced 38 different phishing scams that the gang launched from Eastern Europe.

The gang operates by sending highly personalised e-mails to lure employees mainly of SMEs into opening an attachment containing a Trojan.

The Trojan then captures usernames and passwords and continues to gather information on users' online bank accounts, which the gang later uses to steal money.

Rick Howard, director of intelligence at iDefense, said the latest attacks are similar in style to those seen five months ago, but on a larger scale and using a different Trojan.

Phishing attacks, particularly incidences of spear phishing, increased in volume throughout 2008 and show no sign of abating in 2009, he said.

These types of attacks continue to evolve, said Howard, with phishers able to mimic legitimate web pages much more effectively, making them nearly indistinguishable from genuine sites.

"Phishers are also cloaking fake URLs and launching multiple rounds of attacks from different domains," he said.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy