Fortunately for us, we wouldn’t be hearing about this issue if it weren’t for RSA’s Anti-Fraud Command Center’s discovery. When they stumbled into an online forum that is full of fraudsters and scam artists, they learned about this new kit, which allows anyone to develop their own man-in-the-middle attacks. The kit would allow anyone to use any bogus URL they wanted, and be able to to make fraudulent replicas of any site on the Internet. As you can understand, this is a very big threat.

Fraudsters are hawking free trials of “universal” man-in-the-middle phishing kits through an online forum, security researchers said today.

RSA’s Anti-Fraud Command Center (AFCC) discovered an internet forum populated by fraudsters that is offering a set of tools to create a man-in-the-middle scheme, according to a company news release.

The kit allows would-be attackers to create a bogus URL that communicates with both the end user and the legitimate website in real time, the release said. The scammer must first dupe the user into visiting the spoofed site.

These so-called universal phishing kits allow users to configure their attacks to take advantage of any target website, according to the release.[more]

Tags: Scams