Single Botnet Bombards UK Businesses With Millions of Phishing Emails

02 Aug 01:29

A single botnet is being used to send a barrage of phishing emails to UK businesses, according to BlackSpider Technologies, the on-demand security service of SurfControl plc. The huge botnet is controlling more than 20,000 distinct IP addresses and began sending out the phishing emails on Sunday, and over 24 hours BlackSpider estimates it sent out more than 8.1 million emails.

The subject lines of the emails invariably refer to either NatWest or Bank of Scotland. Examples include:

0fficial Information To Client Of NatWest bank Mon, 31 Jul 2006 16:58:33 -0800
Bank of Scotland: Urgent Security Notification For All Clients Mon, 31 Jul 2006 23:49:13 -0100
NatWest bank: Important Fraud AIert
Verify Your Data With NatWest bank
NatWest bank: urgent security notification [Tue, 01 Aug 2006 03:57:17 0300]
Verify Your DetaiIs With NatWest bank Mon, 31 Jul 2006 16:59:35 -0800
PROTECT YOUR NatWest bank ACCOUNT Mon, 31 Jul 2006 16:56:07 -0800
NatWest bank: URGENT SECURITY NOTIFICATION FOR CLIENT

The phishing emails contain an inline image and if recipients click on the image, they are directed to a website where they are instructed to input their personal information. Once inputted, the information can then be used at whim by the phisher to siphon victims bank accounts.

[At least the phishers have got one thing right: receiving a message like that is indeed an 'important fraud alert'... --Ed].

Related links: (Open in a new window.)
www.blackspider.com

Taken from Information Security Bulletin.