[an error occurred while processing this directive]
BBC News
watch One-Minute World News
Last Updated: Thursday, 21 October, 2004, 10:13 GMT 11:13 UK
Cyber conmen 'hijack desktop PCs'
Citibank branch, BBC
Citibank is a phishing favourite
Huge numbers of desktop PCs are passing on e-mails for conmen trying to steal confidential details, say experts.

Analysis by mail security firm Ciphertrust reveals that the hijacked computers are unwitting accomplices for almost all so-called phishing attacks.

Its research shows that the hijacked PCs are organised into five separate networks of zombie computers that send out the fraudulent e-mails.

American PCs sent out the most messages and South Korea was in second place.

Numbers game

Ciphertrust carried out its analysis on messages that passed through its mail filtering hardware during the first two weeks of October.

PHISHING TARGETS
Citibank - 54.16%
Smith Barney - 13.48%
SunTrust - 10.02%
Paypal - 7.57%
Wells Fargo - 5.42%
HSBC - 5.07%
eBay - 4.15%
USBank - 0.11%
CitizensBank - 0.014%
Only 1% of the e-mails sent were so-called phishing attacks that pose as messages from financial organisations and try to con people into handing over account information, password and login details.

Ciphertrust said that analysis of the net addresses used to relay these messages show that they are passing through a relatively small number of zombie networks.

The company said perhaps as few as five zombie networks were responsible for funnelling the fraudulent messages and each network can call on a pool of about 1,000 PCs.

Almost a third of these zombies, 32%, were sited in the US. A further 16% were in South Korea and the remaining 52% were in 98 other countries.

The US and South Korea were so popular with the phishing gangs because broadband is much more widely used in those countries.

Zombie net

"Phishing attacks represent a collaboration of the world's most skilled hackers and organised crime," said Paul Judge, chief technology officer at Ciphertrust.

PHISHING SOURCES
United States - 32.07%
Republic of Korea - 15.39%
France - 6.55%
China - 6.40%
United Kingdom - 4.06%
Germany - 3.85%
Spain - 3.81%
Japan - 3.05%
Italy - 2.48%
"Instead of breaking into the bank to take money, phishers are tricking users into handing over their account information, or rather the electronic keys to the vault."

Many PCs in homes and businesses have been recruited into the zombie networks by falling victim to one of the many viruses currently in circulation.

Many viruses, such as Bagle, MyDoom and Sobig, have been written specifically to open up a backdoor into a PC so that it can be controlled remotely by malicious hackers, spammers or criminals.

Ciphertrust said 70% of the home machines sending out phishing e-mail messages are also relaying spam.

Criminals and spammers are keen to use these zombie networks because the tactic helps them hide their tracks.

By far the most popular target for the phishing gangs was US financial firm Citibank. More than 54% of the phishing messages were seeking out its customers. Smith Barney was in second place with more than 13% of messages.


SEE ALSO:
Users face new phishing threats
20 Oct 04  |  Technology
Banks sound alarm on online fraud
01 Oct 04  |  Business
E-mail fraudsters attack Citibank
19 Aug 03  |  Business
Net giants adopt anti-spam system
01 Oct 04  |  Technology
E-mail scams cost banks 1m
24 Apr 04  |  Moneybox
Phishing con hijacks browser bar
08 Apr 04  |  Technology


RELATED INTERNET LINKS:
The BBC is not responsible for the content of external internet sites


PRODUCTS AND SERVICES

News Front Page | Africa | Americas | Asia-Pacific | Europe | Middle East | South Asia
UK | Business | Entertainment | Science/Nature | Technology | Health
Have Your Say | In Pictures | Week at a Glance | Country Profiles | In Depth | Programmes
Americas Africa Europe Middle East South Asia Asia Pacific