Phishers hit Hilton Honors Club

Share this article:

Phishers are targeting smaller organisations to maximise profit and fool even the net savvy, the latest report from the Anti-phishing Working Group (APWG) shows.

By hitting targets such as the Hilton Honors Club (a honor scheme for frequent users of the company's hotels), as opposed to traditional phishing sites such as Paypal, phishers hope users who adhere to warnings will still be caught.

"It's more likely the Honors club would ask for your account details than Paypal or Citibank, especially now these larger organisations are getting on top of it," said Mark Murtagh, technical director EMEA at Websense, who conducted the report. "With the levels of sophistication we're now seeing many people will be fooled." The April report also highlighted continued growth in phishing reports sent to the APWG, which received 14,411 last month.

As SC reported last week phishers are legitimising themselves with real domain names. "There's also been a decrease in sites without domain names, phishers are now registering cousin domain names," said Murtagh. "By doing this they bypass common security advice, such as checking for a domain name."

Murtagh said that phishers were likely to continue targeting large financial organisations but the growing trend towards smaller, perhaps more obscure groups, especially within the U.S., was likely to continue.

"As long as there's money to be made phishing will continue, and that's true of all ecrime," Murtagh said.

www.antiphishing.org

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Millenials improve security habits, more interested in cyber careers, still need guidance

Millenials improve security habits, more interested in cyber ...

Raytheon's second annual survey on the online and security behavior of Millennials shows improvement but still a long way to go.

Pakistani man indicted over spyware app creation

Hammad Akbar created StealthGenie, which allowed the purchaser to secretly monitor a cell phone's communications.

FDA finalizes guidelines on medical device, patient data security

The recommendations are aimed at providing better protecting patient health and data, as well as hoping device manufacturers take into account cybersecurity risks in the early stages of development.