Expanding phishing vector: Classified ads

The online classified advertisement services sector has been increasingly exploited as a phishing attack vector by ecrime gangs, a trend confirmed by the growth of attacks abusing classified companies in the first half of 2010, accounting for 6.6 percent of phishing attacks in Q2 2010 alone, according to the APWG.

Though the online payment services sector remained the most targeted industry with 38 percent of detected attacks in Q2, up from 37 percent in Q1, the classified advertisement services sector exhibited the most rapid growth in phishing attacks of all sectors in the half.

Classified advertisement websites for person-to-person trading, job postings, personals ads and other kinds of online commerce and culture offer ecrime gangs rich contexts for casting false scenarios to trick consumers into giving up funds or financial data that can be used for fraud, or even to draft them as unwitting accomplices into their criminal enterprises such as working as money mules.

Meanwhile, the growth of detected samples of rogueware – malicious crimeware disguised as anti-virus or anti-spyware software – rose some 13 percent from quarter to quarter, up from 183,781 in Q1 to 207,322 in Q2, 2010.

Three rogueware “families” are responsible for 72 percent of all the samples detected in this period:

  • Adware/SecurityTool was the most frequently detected rogueware family in Q2 with 25 percent
  • Adware/TotalSecurity2009 was second with a 24 percent
  • Adware/MSAntispyware2009 was third with 21 percent of the rogueware samples detected in Q2.

The full report is available here.