Article

New phishing threat outpaces Netsky-P

Robert Westervelt, News Director

A new phishing threat aimed at customers of a German-based bank is having an effect globally as it surpasses the Netsky-P phishing malware in detections, according to antivirus vendor Fortinet.

In an advisory

    Requires Free Membership to View

issued Oct. 6, the Sunnyvale, Calif.-based vendor said BankFraud.OD!Phish targets customers of Volksbanken Raiffeisenbanken, one of Germany's largest banks. It was first detected Sept. 26 and quickly ramped up to 50,000 detections a day, said Guillaume Lovet, the European threat response team leader at Fortinet.

"This is unusual because cyber criminals now use Trojans and worms to avoid detection," Lovet said. "For that reason, worldwide outbreaks have been very limited."

Though the bank is based in Germany, nearly half of the phishing attacks were detected outside the country, Lovet said. The phishing threat is received through email with an embedded image portraying a message for a Volksbanken client to click a link to update their banking information.

Also unusual, according to Lovet, is that the email attack also contains hidden random sentences similar to sentences used with white-on-white phishing threats, but with a slightly darker shade to avoid being detected by antispam software.

"Phishers use the white-on-white strategy to evade spamming filters, but this is the first time we've seen a slightly darker shade used, so it has slipped through some spamming filters," Lovet said.

The new phishing threat outpaced Netsky-P, making it the top phishing threat globally, Lovet said.

Netsky-P is often used as a benchmark for mass mailing phishing attacks, Lovet said. The only other phishing attack to ever surpass Netsky-P was the eBay!Phish of 2005, which was a threat to a global online retailer, he said.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: