Symantec Says Phishers Have New Tools
Page 1 of 1
Phishing and spam are intimately related on the Internet, as spammers use phishing attacks to secure access to victims' accounts on trusted Web sites such as Twitter and Facebook, according to two reports from Symantec (NASDAQ: SYMC).
"It is important that end users are educated and it is important that IT managers take measures against attacks," said Dermot Harnett, Symantec's senior director of anti-spam engineering and a co-author of the State of Spam and State of Phishing monthly reports.
"There are products -- not just Symantec's -- that managers can use. It is important that we as a community protect ourselves," Harnett told InternetNews.com.
Thieves use "phishing lures," which the State of Phishing report defined as "URLs distributed in spam/phishing e-mail utilized to lure victims to fraudulent phishing websites."
"Symantec suspects that the initial Facebook phishing attack vector was through forged spam e-mail. However, once user accounts had been compromised, the attacks were most likely launched through Facebook itself," the report said.
The company reported that 42 percent of phishing URLs were generated using phishing toolkits, double the rate of the previous month, and that many of these toolkits were created to target specific brands.
It's not the first report saying that the thieves are after money, especially bank account credentials and credit card numbers.
But while the goals of the attacks remain the same, the tools are changing. Social networking sites such as Twitter and Facebook are targeted, perhaps because they allow spammers and phishers to get past the filter and into victim's mailboxes.
When spammers were unable to target social networks directly, they attacked ancillary services. One attack targeted DateTwit, a service for Twitter users. "With these attacks, Spammers hope that they can lure recipients into action by hiding behind the reputation of the Twitter social networking brand that continues to grow in popularity," the State of Spam report said.
Other spam scams include fake diploma mills, diabetes advice and massage therapy courses, the report added.
Facebook was also attacked. "In May, Symantec observed a new trend of phishing attacks towards the popular social-networking site Facebook," the State of Phishing report said. "The purpose of phishing attacks towards popular information services sites are primarily to obtain a large number of credentials and leverage e-mail services for spamming activities."
"Fortunately the team at Facebook regarded the phishing attacks very seriously and worked diligently to remove messages with those links, and helping secure any compromised accounts," the report added.
Phishers took advantage of free Web hosting offers, especially in the U.S., according to the report. 98 Web hosts hosted 1,434 phishing sites, and 44 percent of sites were hosted in the U.S.
.com remained the most popular top-level domain, with 54 percent of phishing sites in May.