Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

RSA Alert: New Universal Man-in-the-Middle Phishing Kit Discovered

  • 15 January, 2007 13:21

<p><i>New kit helps fraudsters easily launch increasingly sophisticated and automated online fraud attacks</i></p>
<p>RSA, The Security Division of EMC, (NYSE: EMC) announced today that its 24x7 Anti-Fraud Command Centre (AFCC) has uncovered a new phishing kit being sold and used online by fraudsters.</p>
<p>This new kit, a Universal Man-in-the-Middle Phishing Kit, is designed to facilitate new and sophisticated attacks against global organisations in which the victims communicate with a legitimate web site via a fraudulent URL set by the fraudster. This allows the fraudster to capture victims' personal information in real-time.</p>
<p>RSA's analysts researched and analysed a demo of the kit that was being offered as a free trial on one of the online fraudster forums that the AFCC monitors regularly.</p>
<p><b>How it works</b></p>
<p>Using the Universal Man-in-the-Middle Phishing Kit, the fraudster creates a fraudulent URL via a simple and user-friendly online interface. This URL communicates with the legitimate website of the targeted organisation in real-time - whether it be the online banking site of a financial institution, the order tunnel of an ecommerce company, or any other such business transacting with its users online. The victim receives a "standard" phishing email, and when clicking on the link s/he is directed to the fraudulent URL. The victim then interacts with genuine content from the legitimate website - which has been "imported" by the attack into the phishing URL - thus allowing the fraudster seamless, invisible and immediate access to the victim's personal information.</p>
<p><b>Fraudster benefits</b></p>
<p>RSA's analysts have identified two primary benefits that fraudsters using this kit are set to reap:</p>
<p>1. It is a "universal" phishing kit, meaning it can easily be configured per target. Fraudsters who want to initiate a phishing attack do not have to purchase or prepare a custom phishing kit for each target. Once they acquire and operate this kit, the attack can be configured to "import" pages from any target website.</p>
<p>2. Unlike standard phishing attacks, which only collect specific requested data (typically login and card-related credentials), this attack is also designed to intercept any type of credentials the victim submits to the site after logging into his account.</p>
<p><b>Detection and mitigation efforts</b></p>
<p>The RSA 24x7 Anti-Fraud Command Centre handles this attack in a similar fashion to the way it deals with "standard" phishing attacks - relying on a broad monitoring and detection network, its broad blocking network, as well as industry-leading experience in site shutdown - as it does for more than 150 customers of its FraudAction℠ anti-phishing, anti-pharming service. And, uniquely, RSA can further identify, analyse and mitigate this specific type of attack via the RSA eFraudNetwork℠ community - the company's cross-institution anti-fraud network - by leveraging sophisticated analytics in the RSA® Risk Engine to further protect customers that also use RSA® Adaptive Authentication or RSA® Transaction Monitoring.</p>
<p>"It is obvious to all including fraudsters that utilizing such an attack vector, the weakest link is a static password. These are the accounts that will be targeted first. Not only can that information be utilised for fraudulent transactions; but also subsequent attacks on that particular site and also sites where the user uses the same password credential. While these types of attacks are still considered 'next generation,' we expect them to become more widespread over the course of the next 12-18 months," commented Geoff Noble, RSA Banking and Finance Specialist. "We are working with many organisations to ensure they are positioned to withstand and respond to whatever threats fraudsters may create. Some of these organisations have already deployed various layers of protection and others are in the process of strengthening their security."</p>
<p><b>About RSA</b></p>
<p>RSA, The Security Division of EMC, is the expert in information-centric security, enabling the protection of information throughout its lifecycle. RSA enables customers to cost-effectively secure critical information assets and online identities wherever they live and at every step of the way, and manage security information and events to ease the burden of compliance.</p>
<p>RSA offers industry-leading solutions in identity assurance &amp; access control, encryption &amp; key management, compliance &amp; security information management and fraud protection. These solutions bring trust to millions of user identities, the transactions that they perform, and the data that is generated. For more information, please visit and</p>
<p>RSA, FraudAction and eFraudNetwork are either registered trademarks or trademarks of RSA Security Inc. in the United States and/or other countries. EMC is a registered trademark of EMC Corporation. All other products or services mentioned are trademarks of their respective companies.</p>
<p><b>Note to the Editor</b></p>
<p>Should you require any further information or would like to interview Mark Pullen, RSA Country Manager please contact Sarah at Kinetics on 02 9212 3848 or</p>
