[ insider_reports_insider ]
Phishers Step Up Ops During Banking Crisis
SecurityProNews
Staff Writer
2008-10-21
 Insider Reports RSS Feed
Spammers and phishers are going about it all wrong. If they want a really big payoff they should have gotten into mortgage lending-even if you suck at it the government gives you money! Maybe online scammers are reconsidering, because there's been a huge spike in banking crisis-related attacks lately.
 | | Phishers Step Up Ops During Banking Crisis |  |
Or maybe they're just trying to boost participation in National Cyber Security Awareness Month, which is October, which means your IT guy needs something from Bath and Body Works to show your appreciation without it being an obvious hint.
Just kidding, IT guys!
MessageLabs is sending out the warning that phishing attacks rose by 16 percent between August and September, but skyrocketed by 103 percent between September and October. Most of the attacks were spoofs on the huge banks dominating the news in the wake of the financial crisis on Wall Street: Bank of America, Wachovia, Chase Manhattan, Washington Mutual, and even UK banks like Lloyds, TSB and RBS.
Smaller state banks, credit unions, and retail websites were not left out, though. MessageLabs credits the spike in attacks to the Cutwail botnet, currently the largest botnet controlling over a million active bots, is responsible for Bank of American and American Express phishing attempts.
On October 16, 7,000 Bank of America phishing attacks were intercepted, accounting for 1.2 percent of the day's total, accrued over just two hours. The next day it more than doubled to 15,000 attacks until it reached 125,000 emails by the weekend, or 16 percent of all phishing attempts. Monday morning 35,000 American Express emails, or 17 percent for the day, were intercepted.
"During a trying time like this when banks are making global headlines, we would expect spammers to latch on to the credit crisis to take advantage of vulnerable investors and anxious consumers who have been sorely affected by the events of the past few months and are looking for relief or a boost in confidence," said Mark Sunner, Chief Security Analyst, MessageLabs. "It's crucial that everyone is aware of potential threats and is educated on how to avoid falling victim to them."
The spam offers, as one might guess, mortgages, debt consolidation, credit counseling and other financial advice. MessageLabs, in honor of National Cyber Security Awareness Month have some advice for avoiding scams, which you should likely know already:
1. Financial institutions never ask for account or personal info via email. If you get an email looking this information, report it to the government's phishing website.
2. Links are how they get you. Avoid clicking on links in emails and IMs, especially from people you don't know.
3. Before entering credit card info online, look for the padlock and https displayed in the browser bar.
4. Be careful about giving out personal information over public domains, like social networking sites or forums.
5. Don't store passwords on a browser and use different passwords for different sites. If you suspect phishing, change all passwords immediately.
About the Author:
SecurityProNews is a daily online and email publication focusing on internet security issues.
More insider_reports_insider Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
