back to article Cybercrooks send in Bouncer to guide marks to phishing sites

Cybercrooks have begun bundling whitelisting technology with phishing kits in a bid to restrict access to phishing sites to only their intended victims. The tactic of blacklisting IP addresses associated with security firms from accessing banking fraud sites has been in play for at least a few months now, but a new phishing …


This topic is closed for new posts.
  1. Wallyb132


    Well this certainly adds an interesting twist to things. I can imagine this is going to cause some serious headaches for the researchers...

    The interesting part of the story is the figures given at the end. The number of phishing attacks went up by 50% but the loses due to these attacks only increased by 22%. So all in all, even though the number of attacks is increasing, they are becoming less successful.

    It kills me every time i read about someone getting taken by phishing attacks, its really not hard to avoid turning yourself into a (broke) victim. A little common sense can go a long way, but common sense isn't as common as its name implies...

    1. Pie

      Re: Interesting...

      I think you are being a little harsh on some of the people who are being caught out. A lot of people use the internet as a tool that they know very little if anything about, they view an email from their bank/paypal as a legitimate form of communication and one that they may be used to seeing. So when it says there has been a problem they believe it and act on it quickly... I have friends who have spoken to me about emails they recieved which they say looked legitimate, I point out the holes in the emails and they understand, but to them on first viewing they were correct.

      So it should be up to us to help educate our friends and family about these pitfalls, make sure they understand how valuable their data is and how to keep it safe.

    2. Robert Helpmann?? Silver badge

      Re: Interesting...

      The total number of phishing attacks launched in 2012 was 445,004, up 59 per cent on the 279,580 attacks recorded in 2011.

      The total number of reported phishing attacks launched in 2012 was 445,004...seems a little more on the mark. One of the reasons the bad guys get away with this kind of attack is that both individuals and groups are often embarrassed at having been gulled and never report when it happens.

  2. Oldfogey

    Irresponsible banks

    It would help a lot if banks etc. would stop sending out emails containing links, OF ANY SORT! The say they will not ask for your security details, but any link is dangerous as it could be to a trojan or whatever.

    It would also help if they would not ring you up about something, and ask you to prove your identity without being able to prove theirs. Every time it happens they seem to be startled that I do not automatically believe them.

  3. Gordon Fecyk

    Ban WordPress! Ban it now!!!!1!!1one

    As a prelude to Bouncer-based attacks, cybercrooks are taking advantage of WordPress plugin vulnerabilities to compromise and hijack websites before uploading a web-shell to hijacked sites, and then exploiting them as resources in phishing fraud campaigns.

    Well the solution is obvious, isn't it? If Trend Micro can tell everyone to uninstall Java and cripple their browsers, I can tell everyone to uninstall WordPress and write their own content management systems, yes?

    (Sarcasm self-test complete. I'll get my coat...)

    1. Anonymous Coward
      Anonymous Coward

      Re: Ban WordPress! Ban it now!!!!1!!1one

      If anyone had listened to you good sir, we could have had two whole days without Wordpress and it's evil evil plugins.

  4. streaky


    Everybody who works in anything related to security and the internet has known about this for years. You couldn't even patent it because non-obviousness goes *well* out the window.

    Now RSA have discovered it, it's an important story now though! Good job following the BBC into this press release reading idiocy there 'reg hacks :)

  5. Franklin
    Thumb Down

    Not just phishing sites

    I've started to see sites using exploit kits to drop malware that do the same thing, placing a unique code in an emailed URL and returning a 404 if they don't see the correct code. They also will return a 404 if they don't see a windows user-agent string, presumably to slow down security and abuse teams not running windows.

  6. Anonymous Coward
    Anonymous Coward

    Not to worry

    For every trick of a scumbag crook, there are countermeasures from the white hats. Soon more of the scum will be behind prison bars.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2020