A new phishing attack under way seems to be aimed at victims of identity theft and tries to get them to divulge information about their bank accounts. The victims are lured to Web sites that appear to be legitimate, where they're asked to provide personal account information.

Cyota Inc., an anti-fraud vendor, says its Anti-Fraud Command Center first detected the attack Friday, soon after it hit one of its customers. Most phishing attacks involve criminals sending out thousands of E-mail messages, looking for a few individuals to respond, visit a legitimate-looking banking site, and give up personal data such as account information. The latest attack seems to be targeting individuals with real accounts at certain banks, which makes it likely that the criminals are using stolen data to incorporate information such as name, E-mail address, or a correct full account number.

The criminals appear to be going after data that would be valuable on the black market, including ATM personal identification numbers, which could be used to loot an account, Cyota says. The attacks seem to be targeting customers of several banks, although Cyota wouldn't disclose the names of the banks. In addition to alerting customers about phishing threats, Cyota also works with Internet service providers and others to quickly shut down Web sites identified as participating in phishing.

"Cyota detects a lot of attacks with a lot of good mouse traps," says Avivah Litan, an analyst at research firm Gartner. "And once it catches the sites, it shuts them down."