Phishers Target NBK Online Banking Customers

The net banking clients of the National Bank of Kuwait (NBK) were targeted by a phishing attack on June 22, 2008 that sent the users to a bogus site.

The phishing scam came guised as a message that seemed to have issued from NBK, requesting users to enter their particulars once more due to the loss of two million customer accounts by the bank. A link in the message then took the people to a fake NBK site and finally to a bogus homepage.

This was one of the most advanced phishing attacks to have been directed at NBK, duplicating two home pages and an attachment of text onto the bogus homepage to lend it authenticity.

The message declared that two million client account data had been misplaced, which, as per the bank, by far exceeds its total count of net banking clients and the bogus website also carried cautionary from NBK for not providing the account particulars.

NBK announced that the phony site was removed almost immediately after the discovery of the breach, and that the bank or its clients did not lose anything from this phishing attack. The bank alleged that it has observed a steady rise in phishing attacks on banks in this area during the past one year, including NBK, although the bank is too small for phishing, contrary to the number of strikes endured by international banks.

Also, Trend Micro's Marketing Manager for upcoming MEA markets, Ian Cochrane, told that this was a typical phishing attack, where such messages emerged three to four times every week in developing markets. These strikes usually transmit a huge number of e-mails, and though only one percent replies, they're effective. Numerous strikes are being witnessed on developing markets, so it is hard to find information on them in this kind of market, reported itp.net on June 23, 2008.

Phishing scams are especially typical in the area because Anti-Phishing Working Group's new report predicted that the Internet has over 2,600 functional phishing websites created with the sole intention of tricking customers into revealing personal fiscal data.

Related article: Phishers Expand Their Sphere of Attacks

» SPAMfighter News - 7/9/2008