According to analysts from Internet software firm Websense, Inc., the new sites resemble phishing websites because they seek to collect confidential information from web surfers, but instead of mimicking other established websites, they appear to be legitimate, independent ecommerce sites, often specializing in low-cost pharmaceuticals, office supplies or low-interest mortgages.
“The Internet continues to evolve as an attack vector for hackers by employing tactics that trick both the casual and corporate web users into being victims of identity theft,” said Dan Hubbard, director of security and technology research for Websense.
Phishing and fraud-related websites are currently growing at an exponential rate and succeed in convincing users to give up personal information roughly 5 percent of the time, according to the Anti-Phishing Working Group’s most recent attack trend report.
“We predict this problem will only worsen as hackers become more advanced in their scams,” Hubbard said. “New techniques to dupe users are being developed and the accuracy, creativity and sophistication are rising.”
According to Hubbard, many of the new variety of fraud-based websites pose as online banks, pharmacies or mortgage and loan companies that are found through email and search engine results.
The new websites also tend to be linked to high traffic spam networks and tend to be hosted outside of the United States, according to Hubbard.
Unlike phishing websites, which disappear quickly, the majority of the new fraud-based websites exist for an average of 8.5 days, Hubbard said.
