Anti-Phishing Working Group Report Indicates Phishers Achieving Greater Automation.MENLO PARK, Calif. & CAMBRIDGE, Mass. -- Anti-Phishing Working Group The AntiPhishing Working Group (APWG) is a consortium that brings together businesses affected by phishing attacks, businesses that provide security products and law enforcement. The APWG has more than 2700+ members from more than 1600 companies & agencies worldwide. (APWG APWG Anti-Phishing Working Group APWG Action Plan Work Group APWG Acquisition Policy Working Group APWG Advocates for Prostituted Women and Girls APWG AFSCN Prioritization Working Group APWG AFSCN Priorities Working Group ) analysts have uncovered disturbing shifts in phishing attacks indicating that hackers are achieving new levels of automation, possibly commanding software tools and BOT nets to vastly increase the potency of their phishing campaigns. Starting in early October, APWG analysts witnessed massive increases in the amount of phishing sites, most all outside the US, indicating that a new and powerful set of tools might have been deployed recently. Moreover, the number of sites that are being hosted on what appear to be compromised broadband PC's has risen to more than 50 percent, leading Dan Hubbard, Senior Director of Security and Technology Research at Websense, Inc., to suspect that "some automation was involved with a BOT Network to either send more emails and/or host more sites." Meanwhile, the number of brands subjected to the largest numbers of phishing attacks rose from four in July to six in October, indicating a broadening of attack subjects, CTO John Thielens of Tumbleweed Communications wrote in the APWG's Phishing Activity for October report. The APWG, with this report, authored jointly by Websense (R) Security Labs (TM) and Tumbleweed Communications, redrafted its methodology to give greater resolution to the server side of phishing attacks and, at the same time, omitted scoring of the number of attacks against individual brand-holders, referencing only broad verticals. The full text of the report is available online at: http://www.antiphishing.org/APWG_Phishing_Activity_Report-Oct2004.pdf The Anti-Phishing Working Group The APWG is the global counter-phishing flag ship organizing the community of stakeholders confronting the phishing threat, including national law enforcement agencies A law enforcement agency (LEA) is a term used to describe any agency which enforces the law. This may be a local or state police, federal agencies such as the Federal Bureau of Investigation (FBI) or the Drug Enforcement Administration (DEA). , financial institutions, national ISPs, ISVs and hardware vendors and e-commerce companies. The group has more than 930 members worldwide from some 590 companies, government regulatory agencies and law enforcement bureaus, as well as some 60 sponsors including: ActivCard (ACTI ACTI Advanced Cleanup Technologies, Inc (Rancho Dominguez, CA) ACTI Advanced Computational Technology Initiative ACTI Advisory Committee on Technology Innovation ACTI Aircrew Coordination Training Instructor ), Affinity, Anakam, Cloudmark, Cyota, Cyveillance, Datanautics, Entrust (ENTU), Experian, GeoTrust, GoDaddy, MarkMonitor, McAfee (MFE), MessageLevel, Microsoft (MSFT MSFT Microsoft (stock symbol) MSFT Movimento Sociale Fiamma Tricolore (Italy) MSFT Multi-Stage Fitness Test MSFT Master of Science in Family Therapy MSFT Macalester Students for Fair Trade ), NameProtect, NetIQ (NTIQ), PassMark, SAIC SAIC - http://saic.com. , RSA Security (RSAS RSAS RSA Security, Inc. (stock abbreviation, AMEX) RSAS Royal Swedish Academy of Sciences RSAS RAND Strategy Assessment System RSAS Reactor Safety Assessment System ), Symantec (SYMC SYMC Symantec Corporation (stock symbol) ), Trend Micro (TMIC), Tumbleweed Communications (TMWD), Vasco (VDSI), VeriSign (VRSN), Visa, Visa Canada, Websense, Inc. (WBSN), WholeSecurity, 0Spam.net |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion