Phishers targeting phishers
25 January 2008 | 7900 views | 0
In a new twist, would-be fraudsters are being scammed by a gang offering free do-it-yourself phishing kits on the Internet, says e-security outfit Netcraft.
The kits are the work of a group of Moroccon fraudsters known as "Mr Brain", says Netcraft's Paul Mutton in a blog. Hidden code embedded in the kits sends any personal information stolen by would-be fraudsters back to Mr Brain.
The gang has launched a Web site offering kits for targets such as Bank of America, eBay, PayPal and HSBC. On offer to potential fraudsters are phishing site code, e-mail templates and other hacking tools. Mutton says the tools and code make it easy and quick for fraudsters to set up phishing sites with only a basic knowledge of PHP programming.
NetCraft says the gang's site claims the kits can be used to steal confidential data such as social security, credit card and PIN numbers. The gang claim the kits are undetectable by Mozilla, Opera and Internet Explorer browsers.
But, what the kits' users don't know is that hidden code sends the stolen details back to the Mr Brain group's e-mail accounts. Mr Brain disguises its e-mail address by exploiting the case-sensitivity in PHP variable names.
"Most fraudsters are unlikely to notice this level of obfuscation and will assume the script is working normally, as they will also receive a copy of any e-mails produced by the script," says Mutton in his blog.
"Such deception is a useful tactic for any fraudster who wishes to maximize the number of successful attacks, as the work of deploying the phishing sites and sending the mails is then carried out free of charge by novice fraudsters on behalf of the author," adds Mutton.
Earlier this month Mutton says he warned of a similar scam involving a kit that targets Bank of America customers.