"According to Kiwi angling lore, the end of April is the time to pack away the rods and waders (it's the start of winter in New Zealand, don't forget) and to get out your shotgun for the duck hunting season, which begins in May," said Paul Ducklin, head of technology, Asia Pacific at Sophos. "Obviously, cybercriminals don't keep to the same schedule."
"The phishing e-mail doesn't read like the sort of prose you would expect your bank to send," continued Ducklin. "And the link in the e-mail leads off to a Web server in the USA which is currently blocking downloads, so there seems to be little risk of customers getting caught out."
It is estimated that 70 percent of malicious Web pages abused by phishers and malware spreaders are not directly associated with cybercriminals, but rather are legitimate sites which have been broken into and 'borrowed' for criminal activity.
"The Web site used in this phish appears, at first glance, to be the long-term legitimate Web site of a sole trader in Massachusetts, served out of a hosting company. That site is now widely blocklisted, and off the air. The genuine owner of the site is left to sort out the mess," explains Ducklin. "Computer security begins at home -- consumers and small businesses should take advantage of the many security guidelines that are available online."
