Security experts: Rock Phish is behind growing 'Net fraud

SAN FRANCISCO -- A recent surge in phishing — fraudulent e-mail and websites designed to "fish" sensitive personal information such as passwords and credit card numbers — is the handiwork of a small, shadowy cybergang, computer security experts say.

Rock Phish got its name because of its use of the word "rock" in the Web addresses of phishing websites. It is believed to be in Eastern Europe, based on the widespread availability of its phishing tools on websites hosted in that region.

FBI spokesman Paul Bresson says it is aware of the group. But U.S. authorities have little legal recourse to bust the foreign group and tamp down the surge in phishing, says Paul Henry, vice president of technology evangelism at Secure Computing.

The gang is also targeting the commercial accounts of small and large businesses, says Fred Felman, chief marketing officer at MarkMonitor, a security company that has developed anti-phishing services. He estimates 77% of all active phishing sites are linked to Rock Phish and its methods.

In July 2007 — the most recent month for which data are available — the Anti-Phishing Working Group said new phishing sites pole-vaulted to 30,999, from 14,191 in July 2006.

More phishing sites have popped up this year — more than 220,000 and counting — than in the first seven months of any other year.

Rock Phish attacks employ Web addresses containing the names of real businesses, such as Bank of America, that are interspersed with random numbers.