Phishing attacks continue to grow at a rapid rate and are used mainly for identity fraud. Unfortunately these attacks are a lot easier to carry out.

TrendLabs report that a new tool by the name “Super Phisher” has been detected:

The tool creates all the files necessary for the Phishing page such as an .HTML file that contains the actual page, and a .PHP file, which steals information and saves the stolen data to a .TXT file. In the screenshot below, note how the HTML page’s code refers to the local .PHP file and not the legitimate site (in this case, Yahoo!).

How to detect a Phishing site? Many of these sites look exactly the same as the legitimate site. What you need to check is the URL. This tool can’t hide the fact that the site is hosted on an URL that doesn’t seem quite right.

Always check the URL. If it looks suspicious, it’s better not to click on the link or – if you already did that – to just close the page.

Trend Micro™ Smart Protection Network™ detects Malware such as HKTL_SUPERPHISER using the file reputation service and protects users from accessing malicious sites via the Web reputation service.

If you want more protection, try downloading the WOT (Web of Trust) add-on for Firefox and IE. To learn more about WOT, please visit