Security firm RSA has found a new 'plug and play' phishing kit that lets fraudsters create a phishing site in two seconds.
The security firm’s Anti-Fraud Command Center (AFCC) has discovered what it calls a “plug-and-play” phishing kit, which can create a fully functional phishing site on a compromised server in two seconds once it is double-clicked. The kit consists of a single electronic file that fraudsters can upload to a server.
The traditional method of creating phishing sites involves installing various files one by one in corresponding directories. This process requires multiple visits to the compromised server and manual installation, which increases the chance of detection, says RSA, a unit of EMC. Automating the installation means a criminal need only visit the server once, which decreases the chance of detection.
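A single-visit install of the kind described above still leaves one trace a defender can look for: many files appearing under the web root within a couple of seconds. The following is an added example, not code from RSA or its report; the event records, paths, and the five-file threshold are constructed assumptions, and it flags bursts of file creations inside a two-second sliding window.

```python
from datetime import datetime

WINDOW_SECONDS = 2.0   # the article's "two seconds" install time
MIN_FILES = 5          # assumed threshold; tune to the site's normal deploy pattern

# Constructed sample events: (creation time, path under a hypothetical web root).
SAMPLE_EVENTS = [
    ("2024-01-01T03:10:00.000", "/var/www/html/img/banner.png"),
    ("2024-01-01T09:15:40.000", "/var/www/html/uploads/archive.bin"),
    ("2024-01-01T09:20:00.100", "/var/www/html/uploads/site/index.html"),
    ("2024-01-01T09:20:00.400", "/var/www/html/uploads/site/login.php"),
    ("2024-01-01T09:20:00.700", "/var/www/html/uploads/site/css/style.css"),
    ("2024-01-01T09:20:01.000", "/var/www/html/uploads/site/img/logo.gif"),
    ("2024-01-01T09:20:01.300", "/var/www/html/uploads/site/js/form.js"),
    ("2024-01-01T09:20:01.600", "/var/www/html/uploads/site/done.html"),
    ("2024-01-01T14:02:11.000", "/var/www/html/img/footer.png"),
]

def find_creation_bursts(events, window=WINDOW_SECONDS, min_files=MIN_FILES):
    """Return runs of >= min_files file creations that fit inside `window` seconds."""
    rows = sorted((datetime.fromisoformat(ts), path) for ts, path in events)
    in_burst = [False] * len(rows)
    left = 0
    for right in range(len(rows)):
        # Shrink the window until it spans at most `window` seconds.
        while (rows[right][0] - rows[left][0]).total_seconds() > window:
            left += 1
        if right - left + 1 >= min_files:
            for i in range(left, right + 1):
                in_burst[i] = True
    # Group flagged events; a gap longer than the window starts a new burst.
    bursts, current = [], []
    for flagged, row in zip(in_burst, rows):
        gap = current and (row[0] - current[-1][0]).total_seconds() > window
        if current and (not flagged or gap):
            bursts.append(current)
            current = []
        if flagged:
            current.append(row)
    if current:
        bursts.append(current)
    return [{"start": b[0][0], "end": b[-1][0], "paths": [p for _, p in b]}
            for b in bursts]

if __name__ == "__main__":
    for burst in find_creation_bursts(SAMPLE_EVENTS):
        print(burst["start"], "->", burst["end"], len(burst["paths"]), "files")
```

In practice the events would come from file-integrity monitoring or filesystem audit logs for the web root, with legitimate deployment windows excluded.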
This new development in online fraud could also enable online attackers to automatically search for vulnerable servers without actually hacking into the server, warned RSA Security in its Monthly Online Fraud Report.
Attackers already use tools to automatically scan and detect vulnerable servers. “The potential combination of these methods—tracing and compromising vulnerable servers, along with plug-and-play phishing kits—would significantly decrease the workload involved in creating and launching new attacks,” says the report.
The report also stated that the UK is the number two hot spot for phishing attacks for the fifth consecutive month.
RSA also identified 36 institutions that it had not seen attacked before.
The RSA AFCC detects, monitors and shuts down phishing, pharming and Trojan attacks for around 200 institutions worldwide.