The newest twist is more targeted phishing, now aimed at smaller banks and credit unions than in the past.
In the seemingly endless world of security threats, yet another cause for concern has emerged. In June, Websense, a provider of employee Internet-management solutions, released a statement saying that phishing scams are increasingly being directed at smaller, more targeted groups, such as local banks and credit unions, a practice it calls "puddle phishing."
Traditional phishing is when spammers send users official-looking e-mail messages to request such data as social-security numbers or passcodes, and threaten to deactivate, block or restrict users' accounts if they do not update their personal information. Until now, the practice has largely been directed at customers of large, multinational banks. But according to Websense Security Labs, which reports on Internet security threats, the number of small credit unions targeted by puddle-phishing scams have tallied more than 30 since the beginning of the year. At least one of the community banks targeted has only 11 branches, while another puddle-phishing attack targeted a credit union that serves employees and staff of the White House.
Dan Hubbard, senior director of security and technology research at Websense, says that even though smaller banks don't have a high volume of customers, the puddle-phishing attacks are working. "The fact that we are seeing more and more of the smaller financial outlets being targeted by phishing attacks may indicate that this is a highly profitable scam," Hubbard said in a statement.
The similarity of puddle-phishing attacks to large-scale attacks suggests that the phishers might be sharing tools, or that a small number of offenders is behind the puddle-phishing incidents, Hubbard believes.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
2017 State of IT ReportIn today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.