Phishers Have New RedirectScheme
WASHINGTON - (03/13/06) Internet security firms werewarning banks and credit unions last week of a new techniquephishers are using to keep spoofed websites up and running even asauthorities pull the plug. In so-called smart site redirection,attackers are creating several identical copies of a spoofed site,each with a different URL, often hosted by different Internetservice providers. When phishing emails go out, all include a linkto another site, a central redirector. When thepotential victim logs on the emailed link, the rederictor checksall the phishing sites, identifies which ones have not been shutdown, and redericts the victim to that site. This allowscyber-crooks to lengthen phishing attacks after they have beendiscovered by authorities.