Decisions - Security - A Phishy Tale.

(From Financial Director)

Byline: Anthony Harrington.

The current wave of phishing attacks on customers of financial institutions and e-commerce sites such as eBay and PayPal are already being supplanted - or in some cases supplemented - by a more deadly and wholly invisible form of identity theft.

The aim remains the theft of user passwords and account numbers, but today's attacks do not simply rely on a dodgy email purported to be from the user's bank. Instead, as Graham Cluley, senior technologist at Sophos, points out, they come in the form of an invisible virus - a modified form of the Tofger Trojan.

Trojans are classified as malware - malicious software that is stealthily downloaded onto end-user PCs from a variety of distribution points on the web. They are designed to be invisible to users and can take a while to be picked up by antivirus software.

The modified Tofger Trojan watches and waits until the end-user logs on to a site that the Trojan recognises as a banking site. Then it captures all the keystrokes the user makes and takes regular snapshots of the screen display. All this is then uploaded to the hacker. "This is an attack that even sophisticated users can fall prey to. The only defence is to keep your antivirus software up to date and sweep your system regularly using specialist antispyware software," Cluley comments.

Cluley also points out that while many of the standard phishing emails purporting to come from the likes of Lloyds Bank or the Halifax or eBay give themselves away with clumsy English phrasing - not to mention the unlikely nature of the request - a new round of phishing attacks is far more subtle. "We are seeing letters that could easily fool a large number of users. They may say something like: 'You can now view your statements online by clicking on the following link,' or 'We have a great new offer for you as an online banking customer. Click here'."