Phishers Dodge Content Filtering

Filed under
Security

Phishing criminals are using a new technique to slip by the content filtering software some enterprises use to protect their workers from scams, a U.K.-based Web metrics and monitoring firm said Friday.

According to Netcraft, some fraudsters are replacing text content on their phony sites with similar-looking images, "making it much more difficult for automated systems to detect the presence of keywords such as 'PayPal' and 'credit card.'"

In an online alert, Netcraft illustrated how a phisher could simply embed text within an image to hide it from filters. The text would still be readable by a possible victim, but not by a computer.

"Because the content filters may not detect this [sample page] as being a PayPal phishing scam, it could slip through undetected, allowing the fraudster to harvest the credentials of thousands of PayPal customers," Netcraft went on in its alert.

Full Story with live links.