New Universal Man-In-The-Middle Phishing Kit
RSA Security has announced a new "universal man-in-the-middle" phishing kit.
From the site:
How it works
Using the Universal Man-in-the-Middle Phishing Kit, the fraudster creates a fraudulent URL via a simple and user-friendly online interface. This URL communicates with the legitimate website of the targeted organization in real-time - whether it is the online banking site of a financial institution, the order tunnel of an ecommerce company, or any other such business transacting with its users online. The victim receives a "standard" phishing email, and when clicking on the link s/he is directed to the fraudulent URL. The victim then interacts with genuine content from the legitimate website - which has been "imported" by the attack into the phishing URL - thus allowing the fraudster seamless, invisible and immediate access to the victim's personal information.
While this sounds like any other Man-In-The-Middle attack... the fact that it's being sold as a kit makes it slightly more dangerous and easier for the someone lacking knowledge to make use of. Just a heads up for anyone interested.