{"id":374,"date":"2007-07-13T00:00:00","date_gmt":"2007-07-13T00:00:00","guid":{"rendered":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2007\/07\/13\/financial-institutions-warned-new-fast-phishing-kit-found\/"},"modified":"2021-12-30T11:37:09","modified_gmt":"2021-12-30T11:37:09","slug":"financial-institutions-warned-new-fast-phishing-kit-found","status":"publish","type":"post","link":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2007\/07\/13\/financial-institutions-warned-new-fast-phishing-kit-found\/","title":{"rendered":"Financial Institutions Warned New Fast Phishing Kit Found"},"content":{"rendered":"<p>With the recently discovered &#8220;plug and play&#8221; phishing kit, a relatively &#8220;non-technical&#8221; person with the right information could launch a phishing attack against any financial institution.  &#8220;No technical expertise is needed by the phisher, and it is far less risky as the remote host is only accessed once,&#8221; said Marc Gaffan, director of marketing with RSA&#8217;s consumer solutions group.  The new &#8220;plug-and-play&#8221; phishing kit reduces the time and effort required of the fraudster by automating the site installation process.  The &#8220;kit&#8221; is a single PHP code file, which is run on the compromised server once, and automatically creates the relevant directories and installs all of the files which are associated with the specific phishing site.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Gaffan noted that when the RSA Anti Fraud Command Center (AFCC) found the new type of phishing kit, they found it was actually a single file that creates an entire phishing site on a compromised server when &#8220;double-clicked&#8221;, similar to &#8220;.exe&#8221; installation files.<\/p>\n<p>This is a change from traditional phishing sites that usually include various files which are installed on a compromised server where the attack is hosted.  
The convenience of creating phishing attacks with the &#8220;plug-and-play&#8221; phishing kit has no impact on how these attacks are detected and mitigated.  &#8220;The others who were attacked were payment-oriented sites, or have access to customer credentials,&#8221; he noted.  <\/p>\n<p>The trend RSA sees in the type of bank or credit union being attacked, Gaffan noted, is the further penetration to smaller, regional banks and credit unions.  They are now targeting small credit unions, with smaller pools of members and getting a small percentage of bites, Gaffan explained.  One reason for the phishers moving down the scale is that the larger institutions are better prepared for takedown and countermeasures.  Another type of phishing hitting regional banks and credit unions is &#8220;spear phishing,&#8221; Gaffan said.  The phisher&#8217;s chance of getting a high hit rate is based on people feeling more secure banking at a smaller institution, Gaffan explained.<\/p>\n<p>http:\/\/www.bankinfosecurity.com\/articles.php?art_id=499<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[],"class_list":["post-374","post","type-post","status-publish","format-standard","hentry","category-financial"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/374","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=374"}],"version-history
":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/374\/revisions"}],"predecessor-version":[{"id":2861,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/374\/revisions\/2861"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=374"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=374"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=374"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}