Phishers Exploit Current Global Financial Crisis & Bank Buyouts
Online banking services users should be extra cautious as fresh spam e-mail attacks purporting to have come from popular banks and exploiting the recent global financial crisis have been witnessed, say security researchers at the US Computer Emergency Response Team (US-CERT).
Security researchers stated that the warning has been released in the wake of recent financial crisis that pushed many popular banks into the hands of new owners. Taking over of these banks by new owners have created a situation of confusion among their customers and phishers have capitalized on this confusion.
Generally, phishers use a fake "account verification" technique to get hold on victims' information. They send a fake notification, pretending to have come from the bank, with a threat that if the recipient does not verify his account and personal details, he will be penalized. After acquiring the personal details, phishers sell the information to others for more fraudulent activities.
Moreover, as long as the confusion on merger of banks continues, phishers will keep launching attacks that pretend to represent the new owner of user's bank and their effectiveness alongwith number will continue to rise.
Meanwhile, Mary Landesman, Senior Security Researcher, ScanSafe, revealed that her company traced a number of phishing e-mails posing to represent the Bank of America, as reported by SCMagazine on October 7, 2008.
She further added that spammers have a long history of taking advantage of breaking news and the current credit crisis is not an exception.
Moreover, US-CERT has advised users to implement best practice for not falling to phishing scams, like avoiding opening unsolicited e-mails and not providing account details at suspicious sites.
In addition, users are worried about their bank account status. To avoid falling victims to phishing attacks, users can manually enter their bank's Website in browser and enter their online banking information through the home page of the site.
SonicWall, an online security firm, also said that it has found a number of e-mails that attract users to fake bank Websites. These sites ask users to verify their bank and personal details on account of merger, as reported by ZDNet on October 3, 2008.
Related article: Phishers Expand Their Sphere of Attacks
» SPAMfighter News - 15-10-2008