Man-in-the-middle phishing kits circulating freely on the Web
10 August 2007 | 13126 views | 0
Security vendor RSA is reporting an increase in the amount of free 'man-in-the-middle' phishing kits - designed to subvert bank two-factor authentication controls - circulating in the fraudster underground.
In its monthly online fraud report, the RSA FraudAction Intelligence team has highlighted a rise in the number of hacker repositories dedicated to providing free man-in-the-middle kits. The kits themselves target more than ten of the world's leading financial institutions, says the vendor.
The free kits are usually primed to send stolen user credentials to both the instigator of the fraud and the creator of the software.
The vendor first encountered demo kits for sale on the Web in January this year. It forecasts a sharp increase in man-in-the-middle attacks as the software becomes more widely available over the next twelve months.
American consumers lost more than $7 billion over the last two years to viruses, spyware, and phishing scams, according to a Consumer Reports survey released earlier this week.