Phishers hit Hilton Honors Club

Share this article:

Phishers are targeting smaller organisations to maximise profit and fool even the net savvy, the latest report from the Anti-phishing Working Group (APWG) shows.

By hitting targets such as the Hilton Honors Club (a honor scheme for frequent users of the company's hotels), as opposed to traditional phishing sites such as Paypal, phishers hope users who adhere to warnings will still be caught.

"It's more likely the Honors club would ask for your account details than Paypal or Citibank, especially now these larger organisations are getting on top of it," said Mark Murtagh, technical director EMEA at Websense, who conducted the report. "With the levels of sophistication we're now seeing many people will be fooled." The April report also highlighted continued growth in phishing reports sent to the APWG, which received 14,411 last month.

As SC reported last week phishers are legitimising themselves with real domain names. "There's also been a decrease in sites without domain names, phishers are now registering cousin domain names," said Murtagh. "By doing this they bypass common security advice, such as checking for a domain name."

Murtagh said that phishers were likely to continue targeting large financial organisations but the growing trend towards smaller, perhaps more obscure groups, especially within the U.S., was likely to continue.

"As long as there's money to be made phishing will continue, and that's true of all ecrime," Murtagh said.

www.antiphishing.org

Share this article:

Sign up to our newsletters

More in News

Brazilian president signs internet 'Bill of Rights' into law

Brazilian president signs internet 'Bill of Rights' into ...

President Dilma Rousseff signed the legislation on Wednesday at the NetMundial conference in Sao Paulo.

Android trojan sends premium SMS messages, targets U.S. users for first time

Android trojan sends premium SMS messages, targets U.S. ...

An SMS trojan for Android, known as FakeInst, has been observed sending premium SMS messages to users all over the world, including, for the first time, the United States.

Report: DDoS up in Q4 2013, vulnerability scanners leveraged to exploit sites

Report: DDoS up in Q4 2013, vulnerability scanners ...

Researchers observed 346 DDoS attacks in the final quarter of 2013 and attackers used Vega and Skipfish vulnerability scanners to exploit web flaws at financial companies.