Phishers Targeting Hungarian Banks

On December 7, 2006, Erste Bank stopped online banking facility for its corporate customers after the bank became the latest victim of phishing strikes.

In phishing attacks, cyber-criminals dispatched e-mails claiming to come from the bank and containing a link to a fake site. The purpose was to deceive users to get their passwords and account details, with which the phishers could withdraw the users' funds.

There are no reports of any user falling prey to the plan as most of the online customers are aware of such frauds because of media reports. The National Investigation Office is investigating the matter.

The attempts of getting account details illegally - or more commonly known as phishing - are second in a week. GE Money Bank group member Budapest Bank, on December 5, 2006, shut down its Website temporarily after it came to know about the reported phishing attacks. The e-mails alleging to come from Budapest Bank were in English (english.mti.hu).

In the case of Budapest Bank, the criminals tried to take the unsuspicious customers to their own site via bogus e-mails. They were trying to get the identification numbers and through that, the account details.

The e-mails sent to Erste Bank's clients were in Hungarian language explaining the reasons why their accounts have been changed and requesting them to check the accounts online. The link in the mails took them to a fake site created by phishers that look similar to bank's official site. On the site of phishers', the potential victims were required to divulge their user name and password alongwith six-character e-pin-code.

The domain name employed for this strike was registered at a German firm on November 30, 2006. A domain name showing Orszagos Takarekpenztar (OTP), Hungary's biggest commercial bank, was registered too. The fraudsters tried to give an access to real web-server also so that the customers wouldn't immediately come to know that their data was being robbed.

The management of the bank is discussing the further course of action. It's not known whether any bank customer have fall victim to the attack.

Related article: Phishers Expand Their Sphere of Attacks

» SPAMfighter News - 12/14/2006