Increase in phishing attacks against nationwide banks reported

RSA researchers say large U.S. banks experienced a surge in phishing attacks this spring.

The number of phishing attacks on nationwide banks, long on the decline, suddenly surged in March and April, according to the RSA Anti-Fraud Command Center.

According to the center's May online fraud report, large U.S. banks made up 61% of the financial brands in the U.S. targeted by phishing in April, up from 57% in March and a dramatic increase from 28% in February. By comparison, regional banks made up 35% of the financial brands hit by phishers in April, a sharp drop from 60% in February.

For the past few years, the share of phishing attacks against banks whose markets span the U.S. had been on the decline as the banks implemented systems to thwart phishers and customers became more aware of the attacks, Uri Rivner, head of new consumer identity protection technologies at RSA, the security division of EMC, wrote in a blog post about the phishing attack trend. Attackers then set their sights on the smaller targets of regional banks and credit unions, he said.

Rivner noted that many smaller financial institutions have now implemented defenses that deflect phishing attacks.

"So if all banks are more or less equally protected in their online channel, maybe it's time for the fraudsters to move elsewhere," he said. "They want to collect as much information as possible in phishing so they can hit other bank channels (such as the phone channel), utilize more data for identity theft, or spread Trojans by taking over email accounts and social network accounts."

One of the top 10 U.S. bank brands had 1,218 phishing attacks in April, up from just seven in February, Rivner reported. A total of 30 nationwide banks were attacked in April compared to 13 in February.

Dig deeper on Spam, phishing and social engineering attacks

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchSecurity

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

ComputerWeekly

Close