School of Computer and Information Science, Edith Cowan University, Perth, Western Australia
Today Phishing of Internet banks is a well know problem and globally is responsible for more than US$3 billion in fraud annually. To date there has been limited research into the individuals and groups responsible for these attacks. Considerable anecdotal evidence exists to suggest that transnational organised crime groups are involved in Phishing. The involvement of these groups, particularly those operating out of Eastern Europe, is of concern given their sophistication and resources. Earlier work by CRL@mq looked at a month of Phishing against one Australian financial institution and clustering indicative of a small number of groups being responsible was seen. To get a better picture of the nature of the groups behind Phishing we now look back to the genesis of attacks against Internet banks. The first attacks against Australian banks started in March 2003 and were in fact the first attacks of this kind against Internet banks globally. We examine these incidents as a case study and look at the individuals and organisations involved. The circumstances behind these attacks are clearer now than might be imagined given none of the perpetrators were indentified at the time. We then briefly examine how much Phishing has changed in the intervening 5 years.