Flash phishing

Sadly, every year we see new forms of spyware, malware and spam. The 2007 is not different. It’s January 3, and security experts have already spotted brand new phishing sites.

From the first sight, they are typical fake PayPal pages. Phishers made them look similar to the genuine site. As usually, scumbags wait for credulous people to submit their confidential information.

Nothing new, you may say. However, it’s not that simple. If you look a little bit closer you will notice that both sites are actually Flash animations, the SWF files that look as regular web pages until you double-click on them. This will bring the Flash player’s menu.

Why phishers started to run Flash-based sites? That’s more difficult than creating a plain HTML page.

Here is the answer. Most content filters and anti-phishing plug-ins analyze page content. They most likely will fail analyzing the Flash file, and therefore will allow the user to visit it.

Simple and clear. Bad guys becoming more creative.

  1. Bobby says:
    February 1st, 2007 at 10:00 am

    sounds scary, but i never believed in site advisors or things like that. they don’t seem to be reliable for me.

Your opinion regarding Flash phishing

Like us on Facebook