New Phishing Emails Automatically Steal Bank Log In Details

London, 3rd November 2004. MessageLabs, the leading provider of managed email security services to businesses worldwide, has identified a new phishing technique designed to capture online banking details without requiring users to click on a website link they simply have to open an email.

Towards the end of October, the company intercepted a number of emails which, when opened, silently run a script that attempts to rewrite the host files of targeted machines. This means that the next time the user attempts to legitimately access online banking they will be automatically redirected to a fraudulent website, enabling their log in details to be stolen.

So far, MessageLabs has only intercepted copies of emails targeting three Brazilian banks, but should the technique prove successful the company expects to see more phishing attacks using this advanced method.

It should also be noted that computer users who have Windows Scripting Host disabled are not at risk from this particular type of phishing attack.

Alex Shipp, Senior Anti-Virus Technologist at MessageLabs, comments:

“This latest technique demonstrates how phishing attacks could become increasingly difficult for end users and online organisations alike to protect against. By reducing the need for user intervention, the perpetrators are making it easier to dupe users into handing over the contents of their bank accounts. Most banks have advised their customers to be wary of any email asking for personal banking details, but in this case all they have to do is open an apparently innocent email and their bank details could be silently sabotaged.”

“We currently detect between 80 and 100 new phishing websites a day, showing just how prolific the threat has become. It is a moving target, making it harder to identify and defend against. As ever, a combination of user education and the necessary levels of technology-based protection are essential.”

About MessageLabs

MessageLabs is the leading provider of managed email security services to businesses based on market shares or revenue according to the Yankee Group Security Solutions & Services, February 2004 Report. The company currently offers industry-leading protection to more than 9,000 businesses around the world from email threats such as viruses, spam and other unwanted content before they reach their networks and without the need for additional hardware or software. Powered by a global network of control towers that currently spans 13 data centres in the United States, the United Kingdom, Germany, the Netherlands, Australia and Hong Kong, MessageLabs scans millions of emails a day on behalf of customers such as The British Government, The Bank of New York, Bertelsmann, Bic, CSC, Conde Nast Publications, EMI Music, Diageo, Orange, Random House, SC Johnson and StorageTek. The company has more than 600 channel partners, including BT, Cable & Wireless, CSC, IBM, MCI and Unisys. The information relating to MessageLabs’ services contained in this news release is based on data generated internally by MessageLabs and has not been subject to an independent review by a third party. For more information on MessageLabs and its industry-leading email security and management services, please visit www.messagelabs.com.