DIY phishing kits
Results 1 to 3 of 3

Thread: DIY phishing kits

  1. #1
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,324

    DIY phishing kits

    DIY phishing kits hit the Net

    By John Leyden, The Register Aug 19 2004 7:53AM
    Do-it-yourself phishing kits are being made available for download free of charge from the Internet, according to anti-virus firm Sophos. Anyone surfing the Web can now get their hands on these kits, launch their own phishing attack and potentially defraud computer users of the contents of their bank accounts. These DIY kits contain all the graphics, web code and text required to construct bogus websites designed to have the same look-and-feel as legitimate ecommerce sites. They also come with spamming software. Scam emails that form the basis of phishing attacks commonly pose as 'security check' emails from well-known businesses. These messages attempt to trick users into handing over their account details and passwords to bogus sites. Hundreds of thousands of phishing emails are sent across the internet each day and the ready availability of phishing kits can only spur this trend.
    http://securityfocus.com/printable/news/9362

    Damn kiddies/nigerians too lazy to do it themselves.

    Just where would one find such a "kit"? You know... for experimental/educational purposes.
    I often joke in my AFKs that "I'm gone phishing." That would bring a whole new meaning to it....

    Normally.. my "phishing kit" contains a stereo and lots of batteries, at tent, sleeping bag, some changes of clothes and a huge cooler full of beer... but not that phish has retired... no more phishing for me.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  2. #2
    Senior Member RoadClosed's Avatar
    Join Date
    Jun 2003
    Posts
    3,834
    huge cooler full of beer
    I like the word HUGE.

    I have begun an agressive communication program for our customers here and we document it. Along with that I have people record and document 3 levels down into the web sites to make sure nothing has changed and no new links are added. I know there is software that does that but this shows agressive human interaction. It shows we care. In addition ALL external link to businesses outside of ours have been removed or added to a forwarder that says "you are now leaving mydomain.com etc. Agree to this and click" You know the ones. I used to try and gobble up all the domains close to mine but that has become impossible since there are too many words. Customer communication is the key to keep them OFF fraudulent sites, but as we know you can scream in their faces to not go to anything other than mydomain.com or .net or .wtf and they WILL. It is the communication and other documented steps that could reduce the risk to a company should a scriptie get hold of someone and make unathroized transactions. In some cases they cannot be recovered. And these new kits make it even more important. I fall under some government regulations so I have taken some extreme steps like removing external links but hey, it's going to get worse.
    West of House
    You are standing in an open field west of a white house, with a boarded front door.
    There is a small mailbox here.

  3. #3
    Senior Member
    Join Date
    Jul 2003
    Posts
    634
    I wanna no the answer to your question to phish, ive spent a fair amount of time trying to figure out a search combo on google that would provide meaningful results yet i havent.

    i2c

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •