News

SMEs hit by increasing spear phishing attacks

A European-based gang behind sophisticated and targeted phishing attacks on small and medium enterprises has returned after a five-month break, says security firm iDefense.

From February 2007 to January 2009, the security firm traced 38 different phishing scams that the gang launched from Eastern Europe.

The gang operates by sending highly personalised e-mails to lure employees mainly of SMEs into opening an attachment containing a Trojan.

The Trojan then captures usernames and passwords and continues to gather information on users' online bank accounts, which the gang later uses to steal money.

Rick Howard, director of intelligence at iDefense, said the latest attacks are similar in style to those seen five months ago, but on a larger scale and using a different Trojan.

Phishing attacks, particularly incidences of spear phishing, increased in volume throughout 2008 and show no sign of abating in 2009, he said.

These types of attacks continue to evolve, said Howard, with phishers able to mimic legitimate web pages much more effectively, making them nearly indistinguishable from genuine sites.

"Phishers are also cloaking fake URLs and launching multiple rounds of attacks from different domains," he said.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy