Phishers migrating to Trojan attacks

The latest report from the Anti-Phishing Working Group (APWG) has suggested a depressing if unsurprising outlook for phishing trends in 2005.

Figures for November show a 28 percent growth in such scamming over the four previous months. A total of 1518 sites were active during the month, most of which were based in the US and Asia.

The average time online was only 6.2 days but the longest managed to stay open for business for an astonishing 31 days. Fifty-one companies had their brands hijacked to hook potential victims.

Most concerning is that phishers are increasingly using “technical subterfuge – Trojan keyloggers in plain English – in favour of old-fashioned social engineering attacks. This marks a step up in sophistication as such attacks are extremely difficult to defend against and can catch out even experienced Internet users.

Keylogging Trojans are likely to be a defining characteristic of phishing over the next 12 months.

"We’ve already seen indications that phishers are already commanding automated distribution systems, apparently leveraging BOT nets, known as zombies,” APWG Chairman David Jevans was reported as saying.

“Those resources, combined with conventional key-logging and other innovative malicious code is a threat scenario that could deliver more sophisticated attacks."

Although around 75 percent of attacks are now aimed at financial institutions, it is clear that no sector can consider itself safe. The report outlines a 23 November attack on customers of Earthlink, an ISP, and one on MSN a week later. The common factor is simply that the online enterprise has a financial relationship with its users and is of sufficient size to warrant being targeted.