
E-crime gang dumps phishing for Zeus - APWG

21 October 2010  |  ID Fraud

The world's most prolific phishing gang has ditched the technique in favour of the Zeus password-stealing crimeware that does not require the victim to hand over their financial account credentials, according to a report from APWG.

APWG says its researchers have found a change in the methods of criminals behind the Avalanche botnet, which accounted for two-thirds of all phishing attacks observed worldwide in late 2009, leading victims to fake Web sites and tricking them into handing over details.

The Avalanche infrastructure was involved in just four conventional phishing attacks in the month of July 2010. Instead, the syndicate ramped up a concerted campaign of crimeware propagation to fool victims into receiving the Zeus Trojan and infecting their PCs with it.

Avalanche has been sending billions of faked messages from tax authorities such as the IRS, false alerts and updates purporting to be from popular social networking sites, and other lures, says APWG. These lures take victims to drive-by download sites, where the criminals infect vulnerable machines.

Once a machine is infected, the criminals can remotely access it, steal personal information and intercept passwords and online transactions. The criminals can even log into the victim's machine to perform online banking transactions.

Report co-author Rod Rasmussen says: "While the cessation of phishing operations by the Avalanche phishing group is great news for the anti-phishing community, their shift to the nearly exclusive distribution of Zeus malware is an ominous development in the e-crime landscape. Their spamming and other activities to target victims continue at high levels, implying they are finding malware distribution a more effective and profitable tactic than traditional phishing."

Comments: (2)

David Divitt - VocaLink - London | 21 October, 2010, 13:35

This news is very concerning, although it probably isn't surprising. What this means is that we are likely to see a sharp rise in the more sophisticated and harder-to-detect forms of internet banking fraud such as man-in-the-browser, which may signal the beginning of a new wave of internet banking fraud globally.

Banks need to ensure they are monitoring customer behaviour and profiling their typical activity. The highest risk patterns such as transfers to a new beneficiary need to be risk-ranked and checked using alternative methods of communication such as an SMS message to a mobile phone - even by those banks that employ multi-factor authentication as part of the login process.

A Finextra member | 01 November, 2010, 14:23

News that APWG researchers found that phishing criminals have ditched the technique in favour of the Zeus password-stealing trojan could spark a huge cyber crime wave affecting millions of individuals. Banks and authorities must go the extra mile in protecting consumers through education on how to identify threats and how they can be prevented through the use of strong authentication devices that are available for online banking.

Phishing scams thrive on a lack of customer knowledge, while trojans silently steal ebanking login and password information without the end user realising it. Strong authentication solutions, already in use by banks such as Nationwide and Barclays, can prevent this type of fraud because they utilise transaction signing as part of their two-factor authentication solutions, which allows the banks to detect data tampering by Trojans during man-in-browser style attacks. This strong authentication method has already been shown to significantly reduce online fraud in the UK. Going one step further, the use of dynamic signatures could reduce the chances of social engineering attacks on customers drastically.

Cybercriminals are evolving rapidly and are using increasingly more sophisticated technology and the threat is far greater as a result. Banks and governments must work closely together to educate individuals on how best to protect their data while also equipping them with the right tools.

 
