By John Leyden for The
Register.
This story has been reproduced with permission.
The ruse, recently
noted on PayPal-mimicking fraud sites www.ppal-form-ssl.com and
www.welcome-ppl.com, is reckoned to be an attempt to fool basic
anti-phishing defences (such as browser toolbars) that look at page
content. The move represents the latest salvo in the ongoing war
between phishing fraudsters and security defenders.
Stats from the Anti-Phishing Working Group record that there
were more than 37,000 unique phishing URLs in October 2006, 847 per
cent up on the 4,367 recorded in October 2005. These sites are
straightforward to locate once they are spamvertised but a new
service from Domaintools provides alerts to firms about new sites
featuring certain keywords, helping corporate to nip scams in the
bug.
© The Register
2007
