Blog

Cyber-criminals can access free kits to aid them in launching phishing attacks, an online security resource has discovered.

The kits, discovered by PandaLabs, could allow the thieves to send out mass fraudulent emails mimicking bank web pages, online pay platforms and email accounts in order to trick people into handing over financial and personal data.

From the kit a criminal can access two files. One file allows the creation of spoof emails made to look like they have come from official sources and the other allows criminals to create mock-ups of genuine web pages.

The phishing attack takes place when the criminal spams internet users with the email, with a link to the fake web page. Users who follow the link will be asked to enter their personal data. Lists of email addresses can also be purchased from the internet.

Technical director of PandaLabs Luis Corrons said that the amazing thing was that the kits were free.

“Due to the simplicity of the tools, the number of phishing attacks increases, causing companies and consumers large losses,” said Mr Corrons.

Last week spam celebrated its 30th anniversary.

If you enjoyed this post, make sure you subscribe to my RSS feed!

Spam celebrated its 30th anniversary on Saturday (May 3rd).

The first reported mass email was sent to 350 people on May 3rd 1978 by Gary Thuerk to advertise a new system his company was pioneering. Even then, users greeted the email with criticism and distrust.

Today, it is estimated that 120 billion junk emails are sent every day, often resulting in internet users’ inboxes quickly filling up.

Spam was originally referred to as flooding, until an administrator of an internet chat system bestowed it with its new nickname. The term spam is thought to refer to the Monty Python sketch where a waiter reveals there is little on the menu but the processed and canned meat.

The European Union’s internal marketing commission estimated in 2001 that spam cost internet users €10 billion (approximately £7.87 billion) a year globally.

However, spam is not just annoying but could also install malware or result in financial data being stolen, Gary Cluley, a senior technology consultant, at Sophos told the BBC.

‘Spam is a burden on all of us’ he said.

If you enjoyed this post, make sure you subscribe to my RSS feed!

Search engine providers need to be more transparent about how they utilise users’ data, a government initiative has said.

Get Safe Online, a joint initiative between the government and the Serious Organised Crime Agency, has said internet users should make a decision as to whether to remain with providers who use private information for things such as targeted advertising.

A report released this month by the European Union stated that search engines should not hold on to personal data for a period of more than six months. Google and Yahoo! currently carry a policy of rendering all users’ data anonymous after 18 months.

Managing director of Get Safe Online Tony Neate said: “It’s not always exactly transparent why they [search engine providers] need it [user data] so I’d like to see a bit more clarity in relation to the information that they hold and why.”

A June 2007 report by Privacy International said that Google demonstrated an “aggressive use of invasive or potentially invasive technologies”.

If you enjoyed this post, make sure you subscribe to my RSS feed!