DISCLAIMER: Logging other people's keystrokes or breaking
into other people's computer without their permission can
be considered illegal by the courts of many countries.
The monitoring software reviewed here is ONLY for authorized
system administrators and/or owners of computers.
We assume no liability and are not responsible for any misuse
or damage caused by the keylogging software. The end user of
this software is obliged to obey all applicable local, state,
federal and other laws in his country of residence.
December 04th, 2007
Shorter URLs help phishers hook more victims
Phishers are using shorter URLs for malicious sites in a bid to lend an air of legitimacy to threatening links.
Internet Security Services, IBM's online-security division, claims to have noticed a significant drop in the number of characters used by fraudsters in their phishing URLs.
A post on ISS's Frequency X blog stated that ‘analysts have been observing host names within fraudulent phishing URLs consistently arrive with lengths of between 30 and 37 characters’; observers ‘have noted a significant change’ as phishing host names have shrunk down to an average of only 17 characters in recent weeks.
Ralf Iffert, researcher for ISS's X-Force threat analysis team and author of the Frequency X blog, believes this is another step in the increasingly sophisticated social-engineering measures adopted by cybercriminals.
Phishers ‘appear to have adopted shorter URLs to avoid the suspicion of their potential victims,’ he said.
Steve Reddock, senior IT specialist for ISS, believes that this is a developing trend. ‘This is a pattern we've noticed over several months; it's not just a blip.’
Reddock said phishers often experiment with new techniques, but only for very short periods of time. However, in this case, the tactic of using shortened URLs as a means of deception has been around long enough to be considered a best practice for cybercriminals.
‘It has to be making money for them. These groups run very efficient businesses,’ he said.
Paul Ducklin, head of technology for the Asia-Pacific region at security firm Sophos, said users and security firms alike should be wary of making assumptions based on the character length of a URL, be it long or short.
‘We need to be careful about security metrics, which might lead users to assume a reliable correlation between the size of an Internet object and its danger...In any case, your e-mail client may disguise the real URL with a link that looks completely different - not just a different length - from what it really is,’ he said.
ISS' Reddock claims that as users have become more aware of dangerous links, revenues have declined for phishers, thus prompting the need for new approaches.
‘The fact that they felt the need to make this move suggests that they were seeing diminishing returns,’ Reddock said.
Sophos' Paul Ducklin remains skeptical as to whether this new tactic will make a difference - or whether it is something phishers will continue using.
‘Size, as they say, generally doesn't matter,’ Ducklin added.
Source: CNET NEWS
All news for December, 2008
All news for 2008 year
All news for 2007 year
All news for 2006 year
All news for 2005 year
All news for 2004 year
DONATION: Keylogger.org is an independent research
project supported by a team of enthusiasts. If you find this
project useful or would like to help foster its continued
development please consider making a donation using PayPal`s
online secure payment service. A PayPal account is not required.
All major credit cards are accepted (MasterCard/Eurocard,
Visa/Delta/Electron, American Express, Switch/Maestro, Solo).
Simply click the button below.
Any amount would be useful and appreciated!
Thanks in advance for your support!
|
