Digital Transactions Authoritative, insightful and timely information for payments professionals
A new tactic has been discovered that lets fraudsters keep their online crimes going even as authorities are identifying and shutting down phishing sites. RSA Security Inc., whose RSA Cyota Anti-Fraud Command Center discovered the new tactic, says it is called a smart redirection attack and is intended to make sure phishing victims still connect to a live site when other online users have reported the phishers' operation to law-enforcement authorities or Internet service providers. The news comes as reports indicate that phishing–which is an online crime in which fraudsters trick consumers into visiting sites that are look-alikes for trusted brands and giving up passwords, PINs, and other sensitive information?represents a greater threat than ever to the e-commerce transaction channel. Data compiled by the Anti-Phishing Working Group show the number of unique Web sites hosting phishing attacks exploded in December, to 7,197 (Digital Transactions News, Feb. 14). That's up 55% over November and represents a more than four-fold increase over December 2004. The APWG, a consortium of law-enforcement agencies, payment-card companies, transaction processors, and software firms that monitors the fraud, says phishing fraudsters are growing more insidious in their techniques to combat efforts to shut them down. In a smart redirection attack, fraudsters set up multiple Web sites at various locations and then broadcast e-mails to consumers in the standard fashion. But these e-mails contain URLs that link to an IP address hosting the redirector. When the recipient clicks on the link, the redirector scans all the sites the fraudsters have set up and sends the victim to one that is still in operation. The redirection happens without the victim's knowledge, as the address is hidden. “As anti-phishing vendors become more adept at shutting down phishing Web sites, inevitably the fraudsters are looking at ways to minimize the effect this has on their hit rates,” says Naftali Bennett, a senior vice president at RSA Cyota Consumer Solutions, in a statement. “Analyzing which Web sites are still live?and seamlessly redirecting users to them?seems like a good way to raise the stakes.” Bedford, Mass.-based RSA acquired Cyota Inc., which produces anti-phishing and transaction-checking software, late last year for $145 million (Digital Transactions News, Dec. 7, 2005).
