Phishers snare victims in customised nets

Targeted phishing attacks pose a growing threat, according to security firm MessageLabs

Phishing attacks are growing more sophisticated and will represent a major security threat in the future as the number of converged spyware, spam and virus attacks grows, according to the chief technology officer of a major email and web security firm.

Mark Sunner of MessageLabs told IT Week that researchers at his firm have recently seen phishing attacks that employ information collected from users’ PCs by spyware. The criminals aim to make their scam messages more targeted and effective by using the inside information gained in this way.

"We're now in the midst of a new level of convergence triggered by the necessity [to make money] from targeted attacks," Sunner explained. "In 12 months we'll pinpoint this time as the moment spam and viruses converged with spyware."

Sunner likened the importance of the development to the period in 2003 that saw "the botnet phenomenon take off overnight" and, with the release of the Sobig.A virus, the first time that criminals merged spam and viruses.

"We're seeing it in an embryonic phase with phishing attacks targeting people who actually use that bank, not a scattergun approach," Sunner said. "They use the customer's real name, address and [other details]." He added that as this type of attack becomes more popular, it is likely to bring to a head the issue of banks footing the bill for customers who become victims of phishing fraud.

"You used to be able to educate against phishing attacks but now [they are becoming harder to spot] and it will begin to get under people's radars," he said. "The banks' problem is they don't know where the customer has been before [and if their PC has been infected with spyware]…but they will cover this cost as long as possible."

Social networking sites such as MySpace represent a particular risk if criminals also begin to mine them for personal information to use in similar attacks in the future, Sunner added. He also argued that instant messaging threats could rocket in about a year's time as the four public IM clients bow to pressure to interoperate, creating one giant messaging ecosystem that offers criminals a much more profitable target for attack.

In other news, anti-virus specialist Kaspersky Lab last week released a new report warning that ransomware authors are using increasingly sophisticated encryption algorithms when blackmailing firms. In the future these techniques could even outwit the anti-virus industry, said the firm.