In my previous post, I discussed the different methods used by fraudsters to store and deliver stolen data from phished users. Even though drop-boxes are the most popular, nowadays we still notice several kits using old-style delivery methods. As a proof of concept, we detected a phishing kit employing a vulnerable “Form to Email" program to deliver the collected credentials to the fraudsters’ drop-box. As already discussed, the big advantage of adopting this technique is that the server hosting the phishing website does not need to be capable of running dynamic content, and so static HTML-only pages can be employed.
However, the amount of information that can be retrieved from users these days is larger than in the past; a couple of usernames and passwords is no longer enough information, since other pieces of data are often required to...
