Rock Phish attack evolution

The RSA Anti-Fraud Command Center (AFCC) recently uncovered a new series of attacks from the Rock Phish group, launched in order to infect unsuspecting users with financial crimeware. The Rock Phish group is a set of criminals believed to be based in Europe who have been targeting financial institutions worldwide since 2004.

Rock Phish attacks are estimated to account for more than 50% of phishing attacks world-wide and to be responsible for the theft of tens of millions of dollars from users’ bank accounts. However, until now, the group has not deployed financial crimeware as part of its attack methodology.

The new Rock Phish attacks combine both phishing techniques and crimeware. Victims of these phishing attacks not only have their personal data stolen – but they are then also infected with the Zeus Trojan. Once infected, the Trojan is capable of stealing additional information, such as personal data transmitted while interacting with other websites.