• Investment World
• eWorld
• Brand Line
• Mentor
• Life
• Brand Quest
• The New Manager
• BL Club
• Smartbuy

Stocks

• Quotes
• SE Diary
• Scoreboard
• Open-End Mutual Fund

Cross Currency

• Rates
  
  

Shipping

• Ports
  
  

Archives

• Yesterday
• Datewise
• Resources
• In Focus
• In Depth
• Events 2007

Group Sites

• The Hindu
• The Hindu ePaper
• Business Line
• Business Line ePaper
• Sportstar
• Frontline
• The Hindu eBooks
• The Hindu Images

R. Savitha

Pune, Nov. 17 Online fraud is evolving. Phishing and pharming represent one of the organised and innovative technological crime waves faced by online businesses. Fraudsters have new tools at their disposal and are able to adapt more rapidly than ever.

Talking to Business Line, Mr Vishal Dhupar, Managing Director, Symantec India, noted that during October, it had observed 39 per cent phishing URLs generated using phishing toolkits. This is an increase of 97 per cent from September. More sophisticated automations have brought about the surge in toolkits attacks as well, he said.

He noted that phishers today use IP addresses as part of the host name instead of a domain name. This is a tactic used to hide the actual fake domain name that otherwise can be easily noticed.

Also, many banks use IP addresses in their Web site URLs. This makes it confusing for customers to distinguish a legitimate brand IP from a fake IP address. The financial sector remained the most vulnerable sector, with 87 per cent phishing URLs reported.

A total of 1,098 phish sites were hosted in 70 countries, which accounts for an increase of around 141 per cent of IP attacks compared with the previous month. The rise in IP-based attacks were a part of the overall surge in phishing during the month.

.

Between the second half of 2006, when 13,353 phishing Web site hosts were detected, and the second half of 2007, Symantec observed a dramatic increase of 559 per cent in phishing Web site hosts.

“Talking about India specifically, in the last six months of 2007 we have observed 345 unique phishing URLs with IP addresses hosted in India,” he said.

Commenting on the new areas that are the target segment, Mr Vishal noted that according to Symantec’s Internet Security Threat Report Volume XIII, majority of phished Web sites that were detected globally during the last six months spoofed social networking sites.

This is a sign of caution for India too, since according to a recent industry report, nearly 5-6 million Indians are actively involved in social networking and spend approximately 25-75 per cent of their time online in social networking activities. They can become easy preys to ‘abuse of trust’ tactics.

According to the Symantec report, social networking sites are easy for criminals to spoof and because social networking pages are generally trusted by users, phishing attacks mimicking them may be more successful.

Profiles on social networking sites often contain a significant amount of personal information about the user, spoofed social networking pages can include links to false download that require users to enter confidential information such as authentication information or credit card information that can subsequently be used for fraudulent purposes, he pointed out.

More Stories on : Security

Article E-Mail :: Comment :: Syndication :: Printer Friendly Page

Copyright © 2008, The Hindu Business Line. Republication or redissemination of the contents of this screen are expressly prohibited without the written consent of The Hindu Business Line