Phishers have started employing AES encryption to disguise the real nature of phishing sites from automatic phishing detection tools.
The encryption helps keep the website under security researchers’ radar for as long as possible and makes it more difficult to analyze.
“A casual, shallow analysis of the page will not reveal any phishing related content, as it is contained in the unreadable encrypted text,” Johnston noted.
No attempt has been made to hide the key or otherwise conceal what is going on – this is the initial “version” of this obfuscation technique, and will likely not be the final one. Phishing detection will improve, and fraudsters will have to keep pace in order to remain successful.
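A structural check of the kind that still works when a keyword scan finds nothing, shown as an added example (it is not code from the article or from any detection tool it refers to). The length and entropy thresholds, the `aes.js` and `decryptPage` names, and the sample page are constructed assumptions.

```python
import base64
import hashlib
import math
import re
from collections import Counter

# Long base64-looking string literals are candidate ciphertext (200 chars is an assumed cutoff).
BLOB_RE = re.compile(r"""["']([A-Za-z0-9+/=]{200,})["']""")
# Generic tokens, not tied to any particular library: a decrypt call and a DOM write sink.
DECRYPT_RE = re.compile(r"\bdecrypt\w*\s*\(", re.I)
SINK_RE = re.compile(r"document\.write\s*\(|\.innerHTML\s*=")
# What a shallow, content-based scanner might look for.
KEYWORDS = ("password", "sign in", "log in", "verify your account")
MIN_ENTROPY = 4.5  # bits per character; assumed threshold, random base64 approaches 6


def shannon_entropy(text):
    """Empirical Shannon entropy of a string, in bits per character."""
    counts = Counter(text)
    total = len(text)
    return -sum(n / total * math.log2(n / total) for n in counts.values())


def analyze(html):
    """Return both the shallow keyword view and the structural indicators."""
    blobs = [b for b in BLOB_RE.findall(html) if shannon_entropy(b) >= MIN_ENTROPY]
    lowered = html.lower()
    return {
        "keyword_hits": [k for k in KEYWORDS if k in lowered],
        "encrypted_blobs": len(blobs),
        "decrypt_call": bool(DECRYPT_RE.search(html)),
        "dom_sink": bool(SINK_RE.search(html)),
    }


def is_suspicious(html):
    """Flag pages that ship an opaque blob, decrypt it in-page and write the result to the DOM."""
    r = analyze(html)
    return r["encrypted_blobs"] > 0 and r["decrypt_call"] and r["dom_sink"]


# Constructed sample: deterministic pseudo-random bytes stand in for the ciphertext.
_blob = base64.b64encode(b"".join(hashlib.sha256(bytes([i])).digest() for i in range(16))).decode()
SAMPLE_PAGE = f"""<html><body><script src="aes.js"></script>
<script>var k = "constructed-key"; var c = "{_blob}";
document.write(decryptPage(c, k));</script></body></html>"""

if __name__ == "__main__":
    print(analyze(SAMPLE_PAGE), is_suspicious(SAMPLE_PAGE))
```

Because the key sits in the page, a tool that flags a page this way can hand it to a browser sandbox and inspect the decrypted DOM; legitimate pages that decrypt content client-side will also match, so treat a hit as a reason for deeper analysis, not a verdict.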