Mysterious “Rock Phish” Behind Surge in Phising Attacks

Little is known about Rock Phish, expect that the individual or gang is suspected to be the most prominent phishing operation in the world.  The group (person???) uses sophisticated social engineering schemes to target US and European finacial institutions and is believed to have cost banks more than $100 Million to date. It is estimated that 1/3 to 1/2 of all phising messages are sent by Rock Phish.  


The group is also credited with pioneering the use of Image Spam and  single use domains to get around spam filters and phising blacklists, respectively. The latest trick is to build new phising addresses with seldom used domain extensions (.st, .md etc.) to bypass phishing filters not programmed to look for URLs with these obscure extensions…which is something that has been picked up and used by spammers recently as well.  


As of October 2006, the Anti-Phising Workgroup estimates that there are ~35,000 Phising Websties.  

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s