23 September 2009 News

 

RSA report highlights new "Chat-in-the-Middle" threat

The latest RSA AFCC report highlights a new, unique phishing attack called "Chat-in-the-Middle". It is targeted against online banking customers and it is executed through routine means but then presents a more advanced layer of perpetrating online fraud. The phishing attack may dupe bank customers into entering their usernames and passwords into an ordinary phishing site but the addition of a bogus live chat support window can obtain even more credentials via a live chat session initiated by fraudsters.

During the live chat session, the fraudster behind the attack presents himself as a representative of the bank's fraud department and attempts to dupe customers who are online into divulging sensitive information - such as answers to secret questions that are used for online customer authentication. This attack is currently targeting a single US-based financial institution.

The attack is hosted on a well-known fast-flux network for "hire" from fraudster to fraudster, which hosts a wealth of malicious websites such as phishing websites, Trojans infection points, mule recruitment websites and more.

Also in August, correlating with a 38 per cent increase in the number of fastflux attacks launched last month, the rate of attacks hosted on fast-flux networks climbed last month from 61 percent to 73 per cent.

For volume of attacks, the US, the UK, Italy and Canada all retained their positions from July as the countries suffering the largest portion of phishing attacks.

The report is downloadable to the right of this article >