When Toolkits Go Bad

As someone who has been involved in the development of some user interface toolkits, I have to admit I'm simultaneously amused and really annoyed at this latest development, namely phishing toolkits that lower the barriers to entry for criminals.


The tools and code provided by Mr-Brain are designed to make it extremely easy for other fraudsters to deploy realistic phishing sites. Only a very basic knowledge of programming is required to configure the PHP scripts to send victims' details to the fraudsters' chosen electronic mail address. Deploying one of these fully working kits can be done in as little as one minute – another factor that adds to their appeal.

This one toolkit, however, is somewhat humorous in that it tries to scam the scammers.

Careful inspection of the configuration script reveals deceptive code that hides the true set of electronic mail addresses that are contacted by the kit – every fraudster who uses these kits will unwittingly send a copy of each victim's details back to the Mr-Brain group.

No honor among thieves, apparently.


Popular posts from this blog

How to Fix a Jammed Toyota Camry Trunk

Chase Fraud Alert from SMS 28107

Analysis of What Information Angry Birds Collects