Phishers have found a new way of storing the data they steal - in a MySQL database.
Typically, phishing kits are less sophisticated than Trojan kits, either sending information to the fraudster’s email address or storing the information on the phishing server as a text file.
But in its June ‘Fraud Report’, RSA said it has discovered phishing kits that store stolen data directly in a MySQL database on the phishing server. This means fraudsters can more quickly and easily access and manipulate the stolen data, after acessing it via PHP pages.
It also means that the criminals can efficiently review the data and even delete false or partial data.
RSA predicted that such phishing kits will grow in popularity in the underground community and “eventually become a commodity”. This is because they offer similar functionality to some Trojan kits, which are traditionally more rounded products.
The security vendor found that 11 percent of the banking brands attacked by phishing in June were in the UK. This placed the UK as the second most targeted country, after the US which represented a massive 53 percent of the banking brands.
The UK was also the second largest host of phishing attacks, with 8 percent hosted in the country. The main host was the US, with 57 percent of attacks.