Joel Camissar, Websense Australian country manager, said the difficulty with this type of phishing attack is that it is designed to be posted behind a legitimate and actual URL.

Camissar said if a user was vigilant they would still be able to tell the Web site they are visiting is not legitimate, however this type of phishing technique is not new.

"We first saw "Rock Phishing" kits sold for around $20 or $30 online," Camissar said.

"The difficulty with this type of attack is that it is designed to put a fraudulent site behind a legitimate URL and the customer or user if not vigilant could see it is not the original or intended site because hackers these days can just change or add one character to the URL which even a diligent user may not recognize.

"A trend we are seeing is a slight decline in the more 'traditional' methods of hacking to spoofing telephone numbers and routing calls to pre-recorded information asking people to divulge account numbers and passwords ... We saw this becoming common in the middle of last year with a lot of small U.S.-based credit unions targeted."