By Andrew Wylie and Sam Vimes
Source: News.co.nz
The latest example of phishing that will get your browser crawling for phishing pages has been discovered by the Australian Cyber Security Centre (ACSC).
The site used a Google bot to lure unsuspecting users into visiting a phisher website.
The script, written in PHP and called ‘phish-cloaking’, was authored by a man in the UK and used to create fake user names and passwords, the ACSC says.
It’s been around for some time and many phishing sites have been used by criminals to scam people.
It could be used to lure in unsuspecting users to a phished website.
A man in Australia is currently facing a criminal charge for his role in creating a phishers’ website.
John Deakin, 31, of Bairnsdale, South Australia, was arrested in September and is facing six charges, including making and distributing a fraudulent communication service, aggravated copyright infringement, computer hacking, and making and using a computer network to access copyright infringing material.
The ACSC said the man’s website could have been one of the most common in the country.
“This is not the first time a UK-based website has been used as a phishly site,” ACSC head of cyber-crime David Tarr said.
“In 2016 we saw the UK-headquartered site for a phishes site get a domain name stolen and a user created a fake user account on the site.”
Mr Deakin is expected to appear in court in Sydney on February 11.
A phishing site in the United Kingdom
The website was created using a Googlebot that could be configured to redirect users to the ‘phishing site’.
“We found that a few different phishing domains were registered for the phishing website, including phishcloak.com and phishcon.com,” Mr Tarr explained.
“We also found that the phisher was able to generate a phoney email address from a legitimate domain name registered for phish con.”
“So the phish site was actually a fake phishing address,” he said.
‘Bait and switch’ phishing campaign
In the UK, the man was arrested and charged with making and possessing a computer hacking device.
“The UK’s Serious Organised Crime Agency (SOCA) and the Royal Navy have launched an investigation to identify any other UK-registered websites or domains that may have been targeted by the malicious actor,” the ACS said.
Mr Deakin was remanded in custody until February 15.
“Mr Deaks’ next court appearance is scheduled for the afternoon of February 12,” Mr Vimes added.
“I have just been contacted by the ACSA and it appears the phishers were not successful in tricking anyone into clicking on their phishing links.”
The ACS is encouraging anyone who has been victimised by phishing to contact its Cyber Crime Unit on 1300 222 727 or visit their website to report the incident.
“If you have been affected by phish sites or have been contacted via the ACSc website, please let us know via email, or contact us via our dedicated phishing tip line,” Mr Nel said.