A recent phishing campaign was established to lure private banking customers to install covert malware into their devices.
The fraudulent emails sent to potential victims apply traditional phishing methods to target audiences. These methods also combine the legitimate-looking banking URLs and sorted secure messages that private banking clients often receive.
A security provider Barracuda Networks reports that this method appeals to cybercriminals due to the high value targets as well as trusted and intimate communication between customers and their banks.
“Criminals also like that in order for targets to act on these messages, they need to be connected to the internet because the viewing happens in a web portal, which means that they are now vulnerable to downloading malicious content”, wrote Fleming Shi at Barracuda.
Barracuda Networks provides the information that there are many variations distributed on the same theme, addressing multiple banks such as TD Commercial Banking and Bank of America.
In some cases, mentioned emails also have an attached Word file that contains a malicious script which rewrites all of the documents in the victim’s directory just after the user launches a file on a Windows device.
Shi also adds that “depending on the script in the attachment, there’s a potential for typical anti-virus software to miss the threat altogether because the Word documents contained in these ‘secure messages’ could be benign and allowed to be downloaded or opened when they’re first received.”
Once the malware is installed, cybercriminals have the capability to update the script and turn it into more malicious malware – ransomware, for example.
It is important to raise awareness and warn private banking customers about the malware. In addition, a layered security system together with progressive sandboxing and anti-phishing abilities will reduce these threats.
Phishing is still the most used attack by cybercriminals.
Bank employers are most likely to become victims of fraud and impersonation, followed by branded and seasonal attacks, reports IronScales.
Thus, staff training has become the best way to prevent phishing. However, it was announced that more than a half of bank employees in the UK cannot even remember having been trained. As a result, it doesn’t work as it should in practice.