Universal Man-in-the-middle Phishing Toolkit found

Paladion
By Paladion

January 14, 2007

A few months ago, Jose mentioned in Palisade that Man in the middle Phishing attacks are on the increase. Last week RSA Security announced that they have discovered a Universal Man-in-the-middle Phishing Toolkit being sold online. The toolkit makes it easy to deploy new phishing sites. More importantly, this is the first instance of a toolkit simplifying man-in-the-middle phishing attacks.

Man-in-the-middle phishes relay pages from the website to the user and the requests from the user to the server in real-time. They can subvert two-factor authentication schemes by inserting themselves transparently in the request-response path. If you have invested in two-factor tokens to beat phishing, this is a good time to rethink your strategy.

Educating your users, detecting phishing attacks early and taking down the phishing sites quickly are the cornerstones of the anti-phishing strategy we recommend.


Tags: Uncategorized

About

Paladion

SUBSCRIBE TO OUR BLOG

Buyers-Guide-Collateral

WHITEPAPER

Buyer’s Guide to Managed Detection and Response

Download
MDR

Get AI Powered

Managed Detection and Response

MDR-learmore-btn

 

MDR-Guide-Collateral

REPORT

AI-Driven Managed Detection and Response

Download Report
Episode

EPISODE-25

Red-LineAsset-6

Why Your ‘Likes’ on Facebook May Be Revealing Far More than You Thought

Click URL in the Post for the Full Podacst
  • FacebookAsset
  • LinkedinAsset
  • TwitterAsset