Smart Redirection Attack Helps Phishers Dodge Site Shutdowns
BEDFORD, Mass., March 9 /PRNewswire-FirstCall/ -- The RSA Cyota Anti-Fraud
Command Center (AFCC) at RSA Security (Nasdaq: RSAS) announced this week that
it has discovered that online fraudsters have developed a new phishing
technique in response to increasingly aggressive moves to identify and shut
down phishing sites.
This new type of attack, known as a Smart Redirection Attack, is designed
to ensure that potential phishing victims always link to a live website. So
far two attacks on two different banks -- one based in the UK and the other in
Canada -- have been detected.

How it works
For a Smart Redirection Attack, the fraudster creates a number of similar
phishing websites based at different locations. All of the emails received by
consumers contain URLs that direct the victim to an IP address that hosts the
'smart redirector'. When the potential victim clicks on the link, the
'redirector' checks all related phishing websites, identifies which sites are
still live, and invisibly redirects the user to one of them.

The thinking behind the scam
Fraudsters are aware that once a user identifies the site as fraudulent,
s/he will report the site's address, and there's a good chance that someone
will shut it down. If the fraudster has used a single address for an entire
batch of emails, the entire mailing list directed to that site would be
wasted. However, sending the redirector address (hidden from the consumer)
ensures that the consumer will always reach a live site.
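
For takedown teams, the two sections above mean the address in the email, not any single landing site, is what the whole mailing depends on. The following is an added example, not part of the original release or any RSA tooling: it groups link-follow records by entry host and reports entry hosts that hand visitors to several different sites over time. The record format, host names and addresses are constructed, and it assumes the redirect shows up to a crawler as a change of hostname.

```python
import ipaddress
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample records (documentation addresses and .example names):
# (time seen, URL taken from a reported email, URL the crawler ended up on).
OBSERVATIONS = [
    ("09:00", "http://192.0.2.10/login", "http://landing-1.example/secure/"),
    ("11:15", "http://192.0.2.10/login", "http://landing-2.example/secure/"),
    ("09:40", "http://192.0.2.10/login", "http://landing-1.example/secure/"),
    ("13:30", "http://192.0.2.10/login", "http://landing-3.example/secure/"),
    ("10:05", "http://shop.example/promo", "http://shop.example/promo/index.html"),
    ("12:00", "http://198.51.100.7/a", "http://single.example/a"),
]


def is_ip_literal(host):
    """True when the host part of a URL is a bare IP address."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def find_redirectors(observations, min_landings=2):
    """Map each suspected redirector to its landing hosts, in first-seen order.

    An entry host is reported when it is an IP literal (as the release
    describes) and has sent visitors to at least min_landings other hosts.
    """
    landings = defaultdict(list)
    for _time, entry_url, final_url in sorted(observations):
        entry = urlsplit(entry_url).hostname
        final = urlsplit(final_url).hostname
        if entry and final and entry != final and final not in landings[entry]:
            landings[entry].append(final)
    return {
        entry: hosts
        for entry, hosts in landings.items()
        if is_ip_literal(entry) and len(hosts) >= min_landings
    }


if __name__ == "__main__":
    for entry, hosts in find_redirectors(OBSERVATIONS).items():
        print(f"prioritise takedown of {entry}; landing sites seen: {', '.join(hosts)}")
```
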
Naftali Bennett, senior vice president at RSA Cyota Consumer Solutions,
commented:
"As anti-phishing vendors become more adept at shutting down phishing
websites, inevitably the fraudsters are looking at ways to minimize the effect
this has on their hit rates. Analyzing which websites are still live -- and
seamlessly redirecting users to them -- seems like a good way to raise the
stakes. These phishing emails look no different than any other: all the
action takes place behind the scenes, so as always users need to remain
vigilant. Technology also plays a big part in preventing sophisticated
attacks like these, and companies like RSA Security are constantly monitoring
phishing attacks and the Internet as a whole, making them increasingly adept
at closing fraudulent websites down -- no matter how many the fraudster has
created."

About RSA Cyota Consumer Solutions
RSA Cyota Consumer Solutions, a division of RSA Security Inc., offers
proven solutions for online banking and e-commerce that range from adaptive
authentication -- with risk-based technology, one-time-passwords and
transaction-signing -- to anti-phishing services and real-time transaction
monitoring that controls fraud and manages risk. The company's
eFraudNetwork(TM) community is the world's most effective cross-bank
collaborative online fraud network. Today, many of the world's top 50 banks,
including nine of the top 12 banks in North America and the UK, use RSA Cyota
solutions to protect approximately 430 million consumers.

About RSA Security Inc.
RSA Security Inc. is the expert in protecting online identities and
digital assets. The inventor of core security technologies for the Internet,
the Company leads the way in strong authentication and encryption, bringing
trust to millions of user identities and the transactions that they perform.
RSA Security's portfolio of award-winning identity & access management
solutions helps businesses to establish who's who online -- and what they can
do.
With a strong reputation built on a 20-year history of ingenuity,
leadership and proven technologies, we serve approximately 20,000 customers
around the globe and interoperate with more than 1,000 technology and
integration partners. For more information, please visit
http://www.rsasecurity.com

For more information:
Courtney Hohne, OutCast Communications, (415) 392-8282, courtney@outcastpr.com
Matt Buckley, RSA Security Inc., (781) 515-6212, mbuckley@rsasecurity.com
SOURCE RSA Security Inc.