Security researchers are reporting a new brand of phishing attack that attempts to use stolen consumer data to rip off individual account holders at specific banks.

"Phishing is a form of online fraud that has exploded in frequency over the last several years. Typically using large-volume e-mail campaigns, phishers try to trick people into sharing personal information that the thieves then sell or use to commit identity theft. The new breed of attack, however, could have a higher success rate because the e-mails present unsuspecting recipients with accurate information in a document that looks like legitimate bank correspondence."

The news article brings forward that "The attacks take advantage of poor technological defenses and continued consumer vulnerability, and evidence the work of an organized group with real research-and-development resources,"  Furthermore, it states that "So far, the success rates that we've seen are amazing. People are expecting to see a crude attack that tries to steal their information; they're not expecting to see this much real information as part of the attack."

The article also highlights another report on phising trends released by the Anti-Phishing Working Group stating that "attacks are increasingly relying on so-called keystroke loggers, a form of malicious program, to garner consumer information. Rather than trying to direct people to fake Web sites that ask for personal information, keystroke phishers capture login names and passwords for online bank accounts when customers access the accounts via computer. The keystroke logger programs then forward that information to the attackers."

For the full ZDNet news article, click here.