Phishing Scam Abuses JPMorgan Data Breach, Says Sophos
The American multinational institution of finance JPMorgan Chase was hit with one data hack back in 2013 that affected numerous customers. Worse still, cyber-criminals have begun using the incident maliciously in their phishing e-mail scam, says Sophos.
Reportedly, it was in July 2013 that the security breach occurred and it struck 25m-or-so customers of JPMorgan Chase. However, the bank became aware only during September 2013 followed with informing people around December 2013.
And just as the JPMorgan security violation's news spread online, the fraudulent phishing e-mails started emerging.
The e-mails captioned "Chase Paymentech ALERT!!!" told recipients that when the institution was performing a routine verification it faced certain hazard due to the latest data hack. Therefore, the user was requested for providing all the details asked, in his profile so the bank could conduct identity verification. The messages then stated that failure towards giving the details would lead to abortion of the user's reach of Chase Paymentech's functionalities. The user was requested to click a given web-link for substantiating the information, the e-mails concluded.
Unfortunately, clicking the web-link does not take onto Chase's website rather users land on one bogus page where they're directed for providing the information.
Head of Technology Paul Ducklin for Sophos' Asia-Pacific region says that although people may be aware of phishing, the current one appears rather convincing, while having so many people involved; the phishers will possibly strike their targets pretty often. SCMagazineUK.com published this January 7, 2014.
Hewlett Packard, Enterprise Security Services' Chief Cyber Security Strategist Mike Loginov stated that phishing assaults similar to the JPMorgan Chase one were getting more-and-more sophisticated vis-à-vis the way they were able to compromise Internet-users. SCMagazineUK.com published this.
According to Loginov, cyber-criminals were increasingly empowering phishing assaults via the combination of trustworthy as also relevant personal information, which further increased the inability to recognize any spoofed e-mail.
Meanwhile, like financial institutions, medical outlets as well suffer data hacks as when Florida, US-situated Barry University lately began informing patients taking treatment at the Foot & Ankle Institute about possible compromise of their private data, especially medical records following one severe security breach.
» SPAMfighter News - 14-01-2014