MOROCCO — Here’s a new twist on the ol’ phishin’ hole: A group of Moroccans calling itself Mr-Brain has established a website to phish phishers.The website purports to offer “phishing kits” containing easy-to-use code, email templates and other hacking tools preformatted for some of the most popular targets: Bank of America, eBay, PayPal and HSBC customers. The site states only very basic programming skills are required to configure the included PHP scripts in order to set up a lucrative “out-of-the-box” scamming operation, and it claims the entire thing can be up and working within minutes.
Each kit’s description includes the type of information it is designed to coax from unwary netizens. Mr-Brain claims the Web pages created by the scripts are undetectable by Internet Explorer, Opera and Mozilla browsers.
Although it may sound good to potential fraudsters in training, the site is itself a phishing scam. Sneakily embedded code exploits PHP’s case-sensitivity in order to disguise an unrelated routine as an essential part of the configuration script. The end result is that all personal details collected by the phisher-king wannabes are copied to the Mr-Brain group, and the original phisher is none the wiser. According to code warriors, the ruse is so well-hidden most amateurs and some pros won’t recognize it.
The nimble minds at anti-phishing organization Netcraft said the phishing kits’ scripts send harvested details to a Gmail address owned by Mr-Brain. In January, Netcraft uncovered another Mr-Brain scheme that worked in the same way.
For those who prefer an easier path to illicit riches, the Mr-Brain website also contains a section listing “Free and Freash [sic] Credit Card” details, according to Netcraft.
