Softpedia
 
HomepageWindowsGamesDriversMacLinuxScripts buttonMobileHandheldNews

NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
Home > News > Security

March 12th, 2011, 08:51 GMT · By

Phishers Start Targeting Regional Credit Unions

SHARE:

Adjust text size:


Phishing attack targets Grow Financial Credit Union
Enlarge picture
Security researchers warn that phishers are becoming more focused in their attacks and have begun targeting regional credit unions.

Traditionally phishers have targeted large financial institutions or services in an attempt to reach the highest possible number of potential victims.

This is because the success rate of phishing attacks is generally low. Therefore, logic dictates that less from more is better than less from less.

However, when human behavior is factored in things aren't necessarily as straight forward. That's because people tend to be less suspicious of emails received from relatively obscure institutions than of those originating from commonly targeted organizations.

It would appear that phishers are slowly catching on researchers from messaging security vendor AppRiver exemplify with a recent campaign that targets members of the Grow Financial Credit Union, a Tampa Bay area credit union.

The rogue emails purported to come from the financial institution pose as security alerts warning recipients that their accounts have possibly been compromised.

In order to restore access to them, users are asked to complete a form attached to the email. The attachment is actually an archieve called GrowFinancialFCU_Account_Restore_Form.pdf.zip which contains an HTML file.

Opened in the browser, the HTML document displays a clone of the Grow Financial website with a form to input account number and password, as well as credit card details, complete with CVV2 and PIN.

The use of attachments for phishing is not a new technique, but not a traditional one either. It appears to have become more common during the past year.

"Since most people are very cautious of clicking links in emails, perhaps the cybercriminals feel that delivering the entire web page to you will increase the perceived legitimacy of the message," AppRiver researcher Troy Gill explains.

"This is a very well-crafted phishing campaign that just goes to show, individuals using smaller banking institutions are not any safer from these attacks than anyone else," he adds.

TELL US WHAT YOU THINK:

1,453 hits · Link to this article · Print article · Send to friend · Subscribe to news

MUST-READ RELATED ARTICLES:


New Phishing Campaign Targets 'First Data' Merchant Accounts
HTML Attachment Spam Exploded in Recent Months
Vishing Attacks Target Regional Banks and Credit Unions

READER COMMENTS:



No user comments yet.
Be the first to express your opinion!
Copyright © 2001-2012 Softpedia. Contact/Tip us at

WindowsGamesDriversMacLinuxScriptsMobileHandheldNews

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   UPDATE YOUR SOFTWARE   |   ROMANIAN FORUM
© 2001 - 2012 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are
registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use