May 5, 2006

Anatomy of a Phishing Syndicate

sw-0017The nerds guys over a RSA examine all the players in the Phishing game. Some of them are obvious, the email addresses are bought from email harvesters, and the sites are usually hosted on bots. But interestingly, based on their monitoring of internet chat rooms, they’ve found that harvester and the exploiter of the account info are usually different people:

BigCriminal42: hi everyone, Jolly good evening to you. I'm buying credentials of top UK banks. Anything goes, especially [... here comes a list of banks]

BankBuster007: hello bigcriminal I have good credentials of [... a few of UK's finest financial establishments]. How much you want

It’s interesting to me that the tradecraft has become so developed that people specialize in different aspects of the fraud. Plus, you have to love their usernames.

Phishing Supply Chain: Part 1, Part 2 [RSA Security Blog]

Share It: del.icio.us:Anatomy of a Phishing Syndicate digg:Anatomy of a Phishing Syndicate reddit:Anatomy of a Phishing Syndicate Y!:Anatomy of a Phishing Syndicate
Read More: Bots, Phishing, Theft
Related: Ukrainian Cybercrime Lord?
 Phishing Not Slowing Down
 Phishing with VoIP
 Cashing in on Phishing

One Response to “Anatomy of a Phishing Syndicate”

  1. Security Wonk - Ukrainian Cybercrime Lord? Says:

    […] We previously mentioned how some think that the underworld of identity theft is decentralized and that everyone meets online. A new business week article seems to suggest otherwise, that there are large mob-like organizations controlling the whole supply chain. US Law Enforcement suspects a Ukrainian named Dimity Ivanovich Golubov of being the mastermind: […]

    May 30th, 2006 at 1:24 pm

Post a Comment...

(required)

(required)
(will not be published)

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>