The "Universal Man-in-the-Middle Phishing Kit" works via sending the intended victim a regular dodgy phishing e-mail. After clicking on the link enclosed, the victim is presented with actual content from the Web site.

According to RSA Security's Anti-Fraud Command Center, the toolkit can be easily configured for multiple targets, configured to import pages from any target organization and intercept any credentials even after a victim has logged into an online account.

The toolkit was being offered for free trial on an online "fraudster forum" on January 10.

Marc Gaffan, RSA consumer solutions marketing director, said such styles of phishing attacks are a new wave in scamming and will become more prevalent over the next year.

"While these types of attacks are still considered next generation, we expect them to become more widespread over the course of the next 12-18 months," Gaffan said.