Phishers look to dodge site shutdowns

Online fraudsters have developed a new phishing technique in response to increasingly aggressive moves by banks to identify and shut down bogus sites. Dubbed the 'Smart Redirection Attack', the technique is designed to ensure that phishing victims are always sent to a live Web site.

  0 Be the first to comment

Phishers look to dodge site shutdowns

Editorial

This content has been selected, created and edited by the Finextra editorial team based upon its relevance and interest to our community.

The technique has been identified by RSA Security which says so far two attacks on two different banks, one based in the UK and the other in Canada, have been detected.

In a Smart Redirection Attack, a fraudster creates a number of similar phishing Web sites based at different locations. Users are then sent bogus e-mails which contain links to a single address which hosts the 'smart redirector'. When the victim clicks on the link the redirector checks all related phishing Web sites and automatically redirects them to a live site.

Naftali Bennett, senior vice president at RSA Cyota Consumer Solutions, says: "As anti-phishing vendors become more adept at shutting down phishing Web sites, inevitably the fraudsters are looking at ways to minimise the effect this has on their hit rates. Analysing which Web sites are still live - and seamlessly redirecting users to them - seems like a good way to raise the stakes."

Figures released by the Association for Payment Clearing Services (Apacs) earlier this week shows that direct fraud losses from online phishing scams in the UK almost doubled in 2005 to £23.2m, from £12.2m in 2004.

Sponsored [On-Demand Webinar] Unifying Card Programmes: The cost-reduction imperative

Related Company

Comments: (0)

[Webinar] 2025 Fraud Trends: Synthetic Identity, AI and Incoming MandatesFinextra Promoted[Webinar] 2025 Fraud Trends: Synthetic Identity, AI and Incoming Mandates