Bank phishing attacks on the rise

A wave of phishing attacks have been hitting over the last day targeting customers of Regions Bank in the United States and Westpac Bank customers in New Zealand. Other banks in the US, UK and Australia are also being targeted.

The ones I have been investigating all include a HTML document as an attachment with a form to fill out.

Some purport to be a survey for you to fill out and be paid $35 for participating, while others say your account has been suspended until you verify your identity.

When the victim opens the attachment it prompts them to answer some survey questions and provide some of the following details:

  • Social Security Number
  • Card number
  • Card expiration
  • CVV
  • ATM PIN
  • First, Middle and Last name
  • Email (ironically they mailed you the form)
  • Address
  • Mother’s maiden name
  • Place of birth
  • Birthday

The attackers appear to be posting the stolen information to compromised hosts in Iran (Tehran), USA (Yahoo!) and Japan.

This might be a great time to remind your less security concious friends about attacks like these and to be sure to only ever provide information to your bank in person, or when you call a well known published telephone number.

(Source:Sophos)

Improve our visibility and share this article with your friends !
  • Digg
  • del.icio.us
  • Facebook
  • Google Bookmarks
  • RSS
  • Slashdot
  • Twitter
About Danny Bisaerts

Danny Bisaerts has grown over the past decades from a development background into the world of Information Security and Physical Security. He has spent a lot of time in the world of finance, government, consulting, manufacturing, telecommunications and utilities ...

Danny is currently the editor of www.itsecurity.be. Email : editor@itsecurity.be
LinkedIn : Public Profile