December 2007 ~ Web Mob

Saturday, 8 December 2007

Vishing Attacks

Vishing attacks, which use automated voice recordings to lure users to fake telephone banking numbers, will become more common, it predicted.
So-called 'cross-channel phishing' will also become more prevalent, RSA said. As telephone banking channels normally operate separately to online banking departments, once hackers have certain details it is possible to phone the bank, change the PAYE code or home address, then use that information to perpetrate online banking fraud, RSA claimed.

419 Flash Mob

04:33 No comments

419 Flash Mob, supported by Artists Against 419, has declared war on criminals who host fake bank Web sites in the hope of luring victims to deposit money there. The attacks began on Wednesday.
A Web site statement from Artists Against 419 said, "This flash mob is in celebration of Chinese New Year... Our aim is to shut down eight fake bank web sites in less than 48 hours!"
The criminals who operate the 419 scam, also known as the advance fee fraud, send out emails, letters and faxes asking for help to recover a large sum of money from a bank, in return for a share of the loot. Some of these scammers have now graduated to running their own fake banking Web sites.

Web Mob fake Bank Documents

04:30 No comments

A Web Mob created fake online European banking guarantees claiming to have been issued by one of 29 European banks in a scheme designed to entice investors to hand over money. The plot involved building Web pages disguised as those belonging to Bloomberg and Euroclear, an international system for clearing securities and Eurobonds. Examples of the fake addresses include www.euroclear30.50megs.com and www.bloomberg.50megs.com.
"The amounts represented on the fraudulent sites ranged from $50m to over $400m," says Jon Merrett, assistant director of ICC's Commercial Crime Bureau and Cybercrime Unit. Merrett says that some investors have been swindled out of as much as £48,000 and further victims are still coming forward.
The ICC believes the fraudsters are based in the US and the Far East, and hopes to enlist the help of criminal police investigators in bringing them to justice. Merrett also said that this case highlights the danger of identity theft on the Internet and threatened to dent confidence in online banking technology.

Top Five Threats

03:47 No comments

1. Web Mobs: Web mobs are well organized groups of computer-savvy criminals who form hierarchical networks on the Internet in order to commit identity theft and fraud with personal identification and financial information. After gathering victim information via phishing schemes, the Web mob buys and sells the information among its members or through online auctions. They use Web sites and chat forums to discuss and exchange techniques and tools.
2. Cross-Site Scripting (CSS): CSS vulnerability is caused by the failure of a Web site to validate the intended address of user input, such as personal or financial information supplied to make an online purchase, before returning that data to the client's Web-browser. Instead, that information is sent to another, unauthorized site. This is called cross-site scripting and is caused when an intruder causes a legitimate Web server to unknowingly send a page to a victim's browser that contains malicious script or HTML. The malicious script runs with the privileges of a legitimate script originating from the legitimate Web server and redirects the information to the intruder's Web server.
3. Pharming Attacks: Pharming is the redirecting of a Web request to another location entirely. On a computer hijacked by pharmers, for example, a user will type a URL (such as their bank's Web address), but will unknowingly be redirected to a designated phishing site that looks very familiar. Because the user did not click on any obscure link, the site will appear to be legitimate.
4. Phishing: Phishing is by far the most abundant scam witnessed by the NCFTA to-date., Bank and credit card phishing scams are constantly evolving, making it more difficult to identify the forgery. Source codes which have been used to determine where "phished" information was being sent after it was harvested, are now being hidden by phishers. Phishers are also disabling mechanisms such as 'right-click' on the phishing sites for the purpose of masking the compromised URL.
5. Spyware - Trojans & Malicious Code: This is software that surreptitiously performs certain tasks on your computer, typically without the user's consent. This may include collecting personal information about you, or infecting your computer with a Trojan or malicious code. Such instruments can cause your computer to be used for other criminal conduct, such as Denial of Service attacks, or to act as part of a spam relay network.
Spyware and Trojans are downloaded onto a user's computer in two ways. First, the most frequent way is by accessing Web sites containing them. Secondly, such tools can infect a computer through a spam e-mail that includes a link to a site containing spyware or Trojans. In some instances a user need not even open the e-mail attachment for it to execute or load to your computer without one seeing it occur.