Cyren: 300% rise in phishing attacks on bank customers

That Transform Technology Summits launch on October 13 with Low-Code / No Code: Enabling Enterprise Agility. Register now!


Cyren recorded a 300% increase in Chase Bank-related phishing URLs from mid-May to mid-August. This was unusual as it was a significant and sustained increase, not just an increase that lasted a few days.

It has never been easier to launch a phishing attack today by spreading phishing kits for sale on the dark web and in underground channels on Telegram. As it becomes easier to host phishing sites with free site hosting and domain name registrars, anyone with little to no technical skills can learn how to launch attacks by watching a simple video tutorial.

Cybercriminals are also putting more focus on mobile devices using text messaging, WhatsApp and other messaging services to launch attacks. These are often difficult to detect as anti-phishing solutions on mobile devices are not as robust as those on the company’s email servers and mailboxes. It is also harder for victims to differentiate fraudulent sites from real ones, making it easy for hackers to steal valuable personal data. Once data is stolen, it is vulnerable and can be accessed by anyone on the Internet who searches for it. Online search engines can easily reveal exposed usernames, email addresses, passwords, credit card numbers and social security numbers.

From the end of May until this report was published, the research team reported a 300% increase in Chase phishing URLs. The phishers collect information about bank and credit cards, social security numbers, home addresses and other very sensitive information. Attackers use both emails and text messages to lure victims to their phishing sites and easily bypass detection on mobile devices. A phishing server often stores the stolen data that anyone can see on the Internet.

This report includes a behind-the-scenes investigation into phishing campaigns targeting Chase Bank customers. Cyren threat researchers followed a trail that began with a simple overview dashboard and ended with some examples of the damage phishers inflict when they trick an unsuspecting user into revealing highly sensitive, non-public personal information.

Read the full report by Cyren.

VentureBeat

VentureBeat’s mission is to be a digital urban space for technical decision makers to gain knowledge about transformative technology and transactions. Our site provides important information about data technologies and strategies to guide you as you lead your organizations. We invite you to join our community to access:

  • updated information on topics that interest you
  • our newsletters
  • gated thought-leader content and discount access to our valued events, such as Transform 2021: Learn more
  • networking features and more

sign up

William

Leave a Reply

Your email address will not be published.