New Phishing Attack Targets ID-Theft Victims
The E-mails seem to be targeting victims of identity theft and try to get them to divulge information about their bank accounts.
A new phishing attack under way seems to be aimed at victims of identity theft and tries to get them to divulge information about their bank accounts. The victims are lured to Web sites that appear to be legitimate, where they're asked to provide personal account information.
Cyota Inc., an anti-fraud vendor, says its Anti-Fraud Command Center first detected the attack Friday, soon after it hit one of its customers. Most phishing attacks involve criminals sending out thousands of E-mail messages, looking for a few individuals to respond, visit a legitimate-looking banking site, and give up personal data such as account information. The latest attack seems to be targeting individuals with real accounts at certain banks, which makes it likely that the criminals are using stolen data to incorporate information such as name, E-mail address, or a correct full account number.
The criminals appear to be going after data that would be valuable on the black market, including ATM personal identification numbers, which could be used to loot an account, Cyota says. The attacks seem to be targeting customers of several banks, although Cyota wouldn't disclose the names of the banks. In addition to alerting customers about phishing threats, Cyota also works with Internet service providers and others to quickly shut down Web sites identified as participating in phishing.
"Cyota detects a lot of attacks with a lot of good mouse traps," says Avivah Litan, an analyst at research firm Gartner. "And once it catches the sites, it shuts them down."
About the Author
You May Also Like
2024 InformationWeek US IT Salary Report
Aug 15, 20242024 InformationWeek US IT Salary Report
May 29, 20242022 State of ITOps and SecOps
Jun 21, 2022