A software kit has been discovered on the Internet that makes it easily for the average person to create huge phishing attacks on a large numbers of websites, putting consumers at great risk.
The "universal man-in-the-middle phishing kit" is currently being offered in a free trial on a criminal forum monitored by the company. This is something that should alarm consumers as the internet grows as a place for shopping and banking in the next couple of years. The free trial and the full version are both availble through several hacker website and is pretty easy for hackers to obtain.
The program itself is pretty straight forward and simple to use. There have been programs that do similar things to this program, but usually require more time and specific coding per website. This typically takes alot of time and the websites are blacklisted by the time they get a couple of customers.
The kit is very user friendly from the design to the set up and can be easily used by average person to pull off a huge attack on something as big as a online bank or e-commerce websites. This is where the phiishing is most profitable for the criminal and typically where the consumers like you and I lose our money.
The attack would trick users to click on the link within a phishing email. This link would lead them into a phishing website. The phishing website would also communicate with the real website, so that the data is exactly the same. Also everything that you will do will be exactly like how it would be on the regular website and if you bought a digital camera on the phishing website, you would have really bought it at BestBuy. But the owners of the phishing site also act as the middleman and obtain all the information that you provided.
This type of attack is very simple to do and it can be done rather quickly. The current "full version" of the software sells for about $1000, which is nothing to a criminal who can earn that back through a simple Visa transaction. So it is also generally cheap. The only thing the user really needs to do is register a domain name and the program will do the rest.
So this will probably become common in the internet marketplace and part of the reason that e-commerce hasn't become extremly popular yet. And it should not be a surprise that there are been a large number of victims for this crime in 2006 alone. It is typically due to the lack of knowledge about these attacks to the general public.
So be alert the next time you shop or bank online. Remember to check the URL, to make sure the website is correct.
Email this
Share on Facebook
Malaysia group says Valentine's Day promotes immoral activity
Listen
Print
Social Comments ()
Digital Journal Comments (7)
