When Toolkits Go Bad

As someone who has been involved in the development of some user interface toolkits, I have to admit I'm simultaneously amused and really annoyed at this latest development, namely phishing toolkits that lower the barriers to entry for criminals.

http://news.netcraft.com/archives/2008/01/22/mrbrain_stealing_phish_from_fraudsters.html


The tools and code provided by Mr-Brain are designed to make it extremely easy for other fraudsters to deploy realistic phishing sites. Only a very basic knowledge of programming is required to configure the PHP scripts to send victims' details to the fraudsters' chosen electronic mail address. Deploying one of these fully working kits can be done in as little as one minute – another factor that adds to their appeal.


This one toolkit, however, is somewhat humorous in that it tries to scam the scammers.


Careful inspection of the configuration script reveals deceptive code that hides the true set of electronic mail addresses that are contacted by the kit – every fraudster who uses these kits will unwittingly send a copy of each victim's details back to the Mr-Brain group.


No honor among thieves, apparently.

Comments

Popular posts from this blog

How to Fix a Jammed Toyota Camry Trunk

Web 2.0 and Research

NYTimes: It Takes a Cyber Village to Catch an Auto Thief