An exclusive gaming industry community targeted
to, and designed for Professionals, Businesses
and Students in the sectors and industries
of Gaming, New Media and the Web, all closely
related with it's Business and Industry.
A Rich content driven service including articles,
contributed discussion, news, reviews, networking, downloads,
and debate.
We strive to cater for cultural influencers,
technology decision makers, early adopters and business leaders in the gaming industry.
A medium to share your or contribute your ideas,
experiences, questions and point of view or network
with other colleagues here at iVirtua Community.
A new kit for sale in the digital underground makes it easier for fraudsters to run more sophisticated phishing fraud attacks.
The Universal Man-in-the-Middle Phishing Kit enables fraudsters to sit between prospective marks and legitimate businesses. Rather just setting up a bogus website that's promoted through spam email, crooks set up a fraudulent website as a conduit through a legitimate website to communicate with their victims. The technology allows con men to automatically capture victims' personal information in real-time.
Quote:
"While these types of attacks are still considered 'next generation,' we expect them to become more widespread over the course of the next 12-18 months. We are working with many organisations to ensure they are positioned to withstand whatever threats fraudsters may create," he said. ®
Such attacks have been seen before, but until now were restricted to the realm of skilled hackers. Man-in-the-Middle puts the approach in reach of script kiddies.
Quote:
A phishing kit that EMC's security division first discovered last week is still being sold and used online by fraudsters. The software, known as the Universal Man-in-the-Middle Phishing Kit, is designed to help fraudsters capture victims' personal information in real-time, according to RSA, the security division of EMC.
RSA is reporting that the phishing kit includes an online interface to help create bogus Web sites that can pull content from legitimate Web sites, such as banks or online retailers, in real-time. When unsuspecting victims visit these bogus sites and enter their usernames and passwords, the fraudsters gain immediate access to the private data.
"As institutions put additional online security measures in place, inevitably the fraudsters are looking at new ways of duping innocent victims and stealing their information and assets," said Marc Gaffan, director of marketing in the Consumer Solutions division at RSA, in a published statement.
Fraudster Friendly
The Universal Man-in-the-Middle Phishing Kit offers fraudsters two primary benefits, according to RSA.
First, it is a universal phishing kit. That means fraudsters who want to initiate a phishing attack do not have to purchase or prepare a custom phishing kit for each target. Once they acquire and operate this kit, the attack can be configured to import pages from any target Web site.