Pin Me

Phishing Delivery Mechanisms: Know Your Enemy (Web based Attacks) – Part 2

written by: Ashwin Satyanarayana•edited by: Rebecca Scudder•updated: 2/19/2016

In this series of Phishing articles, a host of phishing delivery mechanisms are discussed. Email and spam are one type,and web-based attacks are one of the other common ones. This form of attack is even more tricky since it cannot be seen. Want to find out how it works and how you can prevent it?

  • slide 1 of 3

    The Web is one big gullible little girl. Funny though it might sound, even the most legitimate websites are not being spared by attackers. The leery domains of freeware sites and other such are seedy web neighborhoods of phishers. Email and spamming are not the only delivery mechanisms, as discussed in Phishing Delivery Mechanisms: Know Your Enemy (Email and spam) – Part 1, they are just the beginning. Phishers also use a lot of web-based delivery mechanisms to get what they want.

    One hugely popular method of attacking is through malicious web-content. If you need some numbers, Google, in a study released earlier, stated that at least about

    “…3 million of the 60 million pages analyzed were found to invisibly download malicious software to users' computers. According to the study, about 1.3% of Google searches turned up at least one of those malicious pages, more than triple the percentage of malicious results from just eight months earlier “

    Given below are myriad ways of attacking a website:

    Popular websites, message boards and forums have a lot of HTML on them – phishers can embed fake or disguised URLs camouflaged and hidden within the all-too sprawling HTML code. What do they do?

    • Phishers can lure you to their websites by using fake banner ads or other graphics.
    • Web-bugs are another leery way of tracking your doings on the web – web-bugs can be zero-sized graphic buttons that are almost invisible to the user but are very much present on the website. This way phishers get a ton of information about you.
    • Pop-up windows and other such transient frames can be another way for the phishers to lead you to places where you ought not to go.
    • Using Key-loggers, Trojan Horse Programs, Back-doors and other malicious content on popular websites and installing them within the user’s browsers to phish out any information that the user might want to input into a website – from passwords to financial data. This is also called the Man in the Browser attack (MITB).

    When you look at a legitimate website, the most dangerous but still seemingly innocuous attacks are done through banner advertisements and MITB attacks. What makes these especially dangerous is the fact that they are not immediately evident and the user doesn't have a way to know the intent – it’s like a stab in the back.

    How to prevent these attacks?

    Web-based attacks happen in all sorts of ways as explained above; one very good way to block any attempts to attack while you do financial transactions can be effectively curtailed by tools explained in an article called " That Man in The Broswer can Kill You". If you worry abot the normal kinds of everyday attacks using Banner ads and Trojan horses, get a solid, very effective Internet Security Package from one of the leading commercial anti-virus vendors- ( I personally use Kaspersky Internet Security 2009)- which has a "pro-active defense system" and a brick like firewall. Constant updating of virus databases can also prove to be effective.

    Make sure that you check the "Disable Banner ads" feature on your Internet Security Package.

  • slide 2 of 3

    Images

    Web based Phishing attacksPhishing through websites