Phishing tool allows you to create a ghost website in ... 2 seconds

Software developers want their programs to be installed simply and quickly. So are hackers.

Earlier last month, experts from security firm RSA Security discovered a PHP script that allowed installing phishing websites on a hacked server in just two seconds.

This code contains all the HTML elements and graphics needed to create a phishing Website, which, according to RSA, is disguised as a rather reputable financial agency. A ".exe" file will automatically install HTML and graphics in accordance with "site map" prepared by hackers.

This means that hackers no longer have to access the "slave" server repeatedly to upload graphics and HTML code. All work has been automated, even perfect automation.

Now, they just sit and shake their thighs and witness ghost sites, toxic sites, impersonating sites growing like mushrooms without spending a bit of effort. Worse, security software inside the server system will not sniff out any unusual things.

Sophisticated automation

Source: BBC " Using these tools, only scammers attack the server and create a series of new phishing websites ," RSA said. This is a disturbing news for security circles in the fight against phishing.

These impersonated websites are always implanted with tracking software, stealing all important user data such as passwords or financial information, then gathering and sending them to hackers.

In spite of security efforts to shut down ghost websites as quickly as possible, the average life of a phishing website is still 3.8 days. That time is enough for hackers to deceive the victims.

Data from research firm Gartner showed that the number of phishing attacks has doubled in the past two years.

At least 3.5 million mature users have disclosed their sensitive personal information or financial data, while 2.3 million other users have lost money to phisher hands. The average loss is 1250 USD / victim.

Trong Cam