After direct attacks on email ids, phishing attacks are being outsourced as a service.
Vincent Weafer, head, security response, Symantec, said: “There is an underground economy that guarantees the phishing attacks. In fact, there are money-back guarantees for renting and leasing out tools that can be used for spreading malware and phishing attacks. There are regionalised professional tools that can host a site from a different domain name,” said
Attackers use the local data to outsource these jobs to people without any technical background. Amuleek Bijral, country manager, India & SAARC, RSA, security division, EMC, said: “Basic tools like Mpack are available between $100 and $200 . Sophisticated tools like Zeus, Limbo, Torpig, BankSniff, Haxdoor and Metafisher are available for $600-1000 (Rs 29,000- 48,000).”
Commenting on the underground economy, Bijral said: “It is difficult to ascertain the exact amount for phishing alone, but if we were to look at the amount of money lost due to phishing, trojan and other social engineering attacks it will be in the range of $3-3.5 billion (around Rs 17,000 crore).”
Through the underground markets, a phisher can also “rent” a compromised Web server on which to host his phishing pages. He can further outsource the process by renting another compromised machine from which phishing email can be sent out.
Shantanu Ghosh, vice-president, product operations, Symantec India, said: “Automated phishing toolkits are an example of such outsourcing. A phishing toolkit is a set of scripts that allows an attacker to automatically set up phishing websites that spoof the legitimate websites of different brands, including the images and logos associated with those brands. These are developed by groups or individuals and are sold in the underground economy. These kits are difficult to obtain and expensive, and are more likely to be purchased and used by well-organised groups of phishers, rather than the average user.”