Phishing E-mail Target Italian Bank ‘Banca Popolare di Sondrio’

Trend Micro, the Internet security company, states that the Italian bank 'Banca Popolare di Sondrio' has been recently attacked by phishers. The discloser was made on the basis of finding of spam mails that seem to have come from the Bank's website, SCRIGNO.

The spam mail contains a link which, on clicking, takes users to a website that looks like the authentic login page of the Bank. The website asks the users to enter their usernames and Personal Identification Numbers (PINs). After revealing these details, they are taken to a website that asks for a control code, which is present in every SCRIGNO client's card.

Once users have revealed all the required data, they are taken back to the authentic website of SCRIGNO. However, by this time, the phishers have already extracted the information they required.

According to the Trend Micro security experts, phishing attacks caused due to spam mails have already been proven a major danger in the present threat scenario. Further, the experts have added that other banks, which have been hit by spam mails lately, are Caisse d'Epargne a French semi-cooperative Bank, Standard Chartered Bank and the Bank of Nevada.

It is worth noting that since this danger rises at fast rate, security experts suggest users to follow some basic tips. They have advised that users should not open suspicious mails chiefly those which come from the user's bank.

To avoid any danger, users should check the link provided in the e-mail before clicking on it. Hackers can easily hide the true identity of a phishing website by making it an attached link of a reputed site as in this case attackers exploited SCRIGNO. For knowing the authentic destination of the link, place the mouse over the given link then look at the valid address of the link on the lower left side of the monitor.

Besides, security experts have said that users should use efficient antivirus, firewall and spam filters.

Finally, users are recommended to check their banking statements regularly to observe any unwanted withdrawals that may have took place in case their accounts are hacked.

Related article: Phishing With A Redirector Code

» SPAMfighter News - 6/4/2010