Skip to main content

Phishing Attacks Reach All-Time High

The Anti-Phishing Working Group, a pan-industry association aimed at eliminating identity theft and fraud through phishing, pharming, and email spoofing, is reporting November 2005 marked a new high in email fraud attacks (PDF), with the organization identifying nearly 17,000 unique phishing attempts and over 4,600 unique phishing sites active during the month. The number of unique phishing attacks was nearly double those identified during November 2004 and marks an all-time high.

Phishing attacks are attempts to steal sensitive or personally identifying information like credit card numbers, passwords, account numbers, and more, usually through a combination of social engineering and technical trickery. A typical phishing scheme will employ a “spoofed” email which appears to be from a bank, reputable company, or other institution requesting users verify or update their account information. Of course, the message is fake, and either transmits any collected information to a site controlled by the scammers, or (in a so-called pharming attack) directs users to a Web site which looks like the real institution, but is operated by the scammers solely to collect sensitive information. Once collected, these details are used to obtain unauthorized access to accounts or services, or sold to criminals for that purpose. Scammers also use Trojan horse programs and spyware to obtain sensitive information directly by scanning a user’s files and/or monitoring their keyboard activity.

Recommended Videos

The Anti-Phishing Working Group found that the number of brand names exploited in phishing attacks increased from 64 to 93 during the last year, and now more regularly includes names like Google, Apple, PayPal, and eBay in addition to large financial institutions and credit card companies.

Contrary to some popular belief, the AFWG found during November 2005 that nearly one third of active phishing sites were hosted within the United States with South Korea and China accounting for 11.3 and 8.04 percent respectively. Phishing sites remained online for an average of five and a half days, although some remained online and running for the entire month.

The APWG also found 165 unique password-stealing applications were active during November 2005, and more than 1,000 sites knowingly (or unwittingly) hosted password-stealing trojan horses. Phishing methods are also becoming more sophisticated, including programs which rewrite a computers DNS server information to route specific requests through rogue DNS servers operated by the scammers.

Geoff Duncan
Former Digital Trends Contributor
Geoff Duncan writes, programs, edits, plays music, and delights in making software misbehave. He's probably the only member…
Some older D-Link routers are vulnerable to attack
D-Link Omna 180 Cam HD

A few legacy D-Link routers can be vulnerable to Remote Code Execution (RCE) attacks since the company refuses to send any updates to patch them up, claiming they have reached end-of-life, as recently posted on its announcement page.

The vulnerability is a serious issue since it allows hackers to take control from anywhere in the world and use a stack buffer overflow. This attack sends more data than the buffer size can handle, potentially corrupting critical information like the return address. Thus, hackers can take control of your PC. However, the company did not detail how the threat works, possibly not informing the hackers too much about the issue.

Read more
Apple’s next Pro Display XDR may use this high-end TV tech
Apple Pro Display XDR WWDC 2019 Hands On

CEO of Display Supply Chain Consultants Ross Young recently revealed that Apple's M4 MacBook Pros are using quantum dot technology for the first time -- and now he's predicting that the Pro Display XDR 2 will use it too.

Apple didn't announce the switch from KSF to quantum dot itself, but the expert consultant firm confirmed the change by using a spectrometer on the new M4 MacBook Pro.

Read more
I had to try 4 high-end gaming mice to find one I actually liked
Four gaming mice, side-by-side.

I always thought picking the best gaming mouse for myself sounded simple enough. I've spent hours poring over graphics cards or processors, but mice? Not really. I always treated them as a straightforward pick and never spent too much time reading reviews. It helps that in the games that I play, even an average mouse can do just fine.

Or so I thought.

Read more