Anti-Fraud monitors discover a kit that eases normally difficult phishing attacks on bank and e-commerce websites.
John E. Dunn, Techworld.com Friday, January 12, 2007 09:00 AM

A software kit has been discovered for sale on the Internet that makes it possible for non-experts to set up and carry out sophisticated phishing attacks on large numbers of websites.

EMC’s RSA division reports that its Anti-Fraud Detection Center (AFCC) found the ‘universal man-in-the-middle phishing kit’ being offered in a free demonstration version on a criminal forum monitored by the company.

User Friendly

The kit–said to have a user-friendly interface designed to help the nontechnical criminal–automates the programming needed to pull off a normally tricky man-in the middle attack on websites such as banks or e-commerce sites.

Typically, the attack generated by the kit would start by duping users into clicking on a link embedded within a phishing email. This would direct them to a fraudulent URL able to communicate with the genuine website in real time, retrieving content from that site to make the scam appear as convincing as possible. Read more.

OSA Editorial Comments:

This story came across my desk this weekend and I can’t hardly belive this, we have to say: “enough is enough” or scream out from the rooftops that We as an Internet family have to band together and force politicians, the Federal Government, and International leaders to make changes in how we treat Cyber Criminals.

Get “7″ Fraud-Prevention DVDs
No Charge, No S/H, No Strings!

Your Online Security Authority
Bill Wardell

Popularity: 6% [?]

If you're a concerned parent, you may want to subscribe to the: OSA~RSS Thanks for visiting! and make sure to sign our OSA Guestbook...

If you enjoyed this post, make sure you subscribe to my RSS feed!