David Coursey at eWeek thinks the next wave of attacks will be pharming attacks – attacks designed to spoof you into believing you are at a trusted site. Money quotes:
Today’s phishing attack usually consists of an official-looking e-mail from a bank, credit card company or other financial services provider. Some of what passes for "official-looking" would be pretty hilarious if it didn’t seem to actually work sometimes. Sometimes a half-dozen of these make it through my spam filter in a single day.
Inside the message is a link to what looks like an official Web site but is actually a clever-to-clumsy-looking scam that gathers personal account information, passwords, Social Security numbers and other information useful to crooks.
Chasin expects this first-generation phishing to move toward pharming, which involves Trojans, worms, or other technology that attacks the browser address bar. Thus, when users type in a "valid" URL they are redirected to the criminals’ Web sites.
Another way to accomplish the same thing is to attack the DNS system rather than individual machines. Do this and conceivably everyone who enters what seems like a valid URL—the one that worked properly moments before—will instead be taken to the scammer’s site.
Scott sent me a list of pharming-like attacks that have already taken place. These include an incident last November, when Google and Amazon users were sent to "Med Network," an online pharmacy. The Troj Banker A/j worm, seen last November and December, watched for users to visit specific banking sites and then grabbed the personal information entered there for use by the criminal pharmers.
I now get about 25 phishing attacks a week, and they show no sign of abating, though I have noticed that they are getting more amateurish as they pass through the food chain. There is a Firefox extension called SpoofStick that may help with pharming attacks.