Forecast: Phishing for Ransom

I am expecting early adopter segment of phishers to soon seek easier angle of attack because a) increasing use and rapid advancement of anti-phishing technologies makes phishing harder, and b) each wave of phishing attacks educates their preys.

I think Ransom Phishing is one such angle. Instead of phishing for authentication devices (username/password), ransom phishing's goal is to rapidly increase customer support cost, using existing phishing tools to alarm customers and directing them like one would drive a massive herd of bulls, to a point where it makes more economic sense to pay off the phishers.

Advertisements