The newest twist is more targeted phishing, now aimed at smaller banks and credit unions than in the past.
In the seemingly endless world of security threats, yet another cause for concern has emerged. In June, Websense, a provider of employee Internet-management solutions, released a statement saying that phishing scams are increasingly being directed at smaller, more targeted groups, such as local banks and credit unions, a practice it calls "puddle phishing."
Traditional phishing is when spammers send users official-looking e-mail messages to request such data as social-security numbers or passcodes, and threaten to deactivate, block or restrict users' accounts if they do not update their personal information. Until now, the practice has largely been directed at customers of large, multinational banks. But according to Websense Security Labs, which reports on Internet security threats, the number of small credit unions targeted by puddle-phishing scams have tallied more than 30 since the beginning of the year. At least one of the community banks targeted has only 11 branches, while another puddle-phishing attack targeted a credit union that serves employees and staff of the White House.
Dan Hubbard, senior director of security and technology research at Websense, says that even though smaller banks don't have a high volume of customers, the puddle-phishing attacks are working. "The fact that we are seeing more and more of the smaller financial outlets being targeted by phishing attacks may indicate that this is a highly profitable scam," Hubbard said in a statement.
The similarity of puddle-phishing attacks to large-scale attacks suggests that the phishers might be sharing tools, or that a small number of offenders is behind the puddle-phishing incidents, Hubbard believes.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.