Spy-phishing

Spy-phishing is a term coined by Jeffrey Aboud of Trend Micro[1] at the Virus Bulletin 2006 conference in Montreal. Defined as "crimeware" (a kind of threat that results in fraudulent financial gains), spy-phishing capitalizes on the trend of "blended threats", it borrows techniques from both phishing and spyware. The downloaded applications sit silently on the user's system until the targeted URL is visited wherein it activates, sending information to the malicious third party. Through the use of spyware and other trojans, spy-phishing attempts to prolong the initial phishing attacks beyond the point at which the phishing site is available.

References

  1. "Spy-Phishing: A New Breed of Blended Threats". Trend Micro. October 2006. Retrieved 2010-01-20.

See also