Linux is new phishing threat to eBay

eBay says online criminals are getting more organised and branching out from the Windows operating system to use the open-source Linux platform.

eBay recently did an in-depth analysis of its threat situation, and while the company is not releasing the results of this analysis it did uncover a huge number of hacked, botnet computers, said Dave Cullinane, eBay's chief information and security officer, speaking at a Microsoft-sponsored security symposium at Santa Clara University.

Cullinane, who one year ago downplayed the role of organised crime in phishing ("It's not the Sopranos," he said), believes that online attackers are indeed becoming more sophisticated, with malware developers now being funded to develop new and improved attacks.

In the past year, Cullinane has seen better organisation by eBay fraudsters. Criminals are being paid to develop better types of attacks, and the attacks are getting harder to detect, he added. "The phishing emails I see are extremely sophisticated," he said.

Apparently, this growing professionalisation has even cut down on mangled grammar. "The language they're using is very good." Cullinane said.

Last week eBay said data on 1,200 eBay members had probably been stolen via a phishing scam. The members' data was posted to the company's Trust & Safety discussion forum.

-ComputerWorldUK