A new phishing kit has been discovered that is being used by fraudsters to capture victims’ personal information online in real-time.

The Universal Man-in-the-Middle Phishing Kit, discovered by vendor RSA, enables fraudsters to sit between prospective victims and legitimate businesses.

Marc Gaffan, director of marketing for consumer solutions at RSA, said: 'As institutions put additional online security measures in place, inevitably the fraudsters are looking at new ways of duping innocent victims and stealing their information and assets.'

The victim receives a 'standard' phishing email and when clicking on the link is directed to the fraudulent URL. The victim then interacts with genuine content from the legitimate web site - which has been 'imported' by the attack into the phishing URL - thus allowing the fraudster seamless, invisible and immediate access to specific data, like the victim’s personal information.

'While these types of attacks are still considered ‘next generation’, we expect them to become more widespread over the course of the next 12-18 months', said Gaffan.

What do you think? Email us at: feedback@computing.co.uk

Further Reading:

New phishing scam uncovered

Sharp rise in phishing emails

Publicise the phishing facts

Phishing attacks against Europeans drop