Spear Phishing: Looting bank accounts dry


On 23 January 2010 Carte Blanche reported on an evolved version of email scams, namely ‘Spear Phishing’. The report featured an American cyber crime expert, Brian Krebs, who explained the modus operandi of Spear Phishing in America.

Unfortunately, Spear Phishing is not restricted to America: it is very active in South Africa and, closer to home, in KwaZulu-Natal! Carte Blanche further reported that the South African Banking Ombudsman, Advocate Clive Pillay, has handled over 700 cases involving Spear Phishing in 2010.

Unlike random email scams easily identified by their use of templates containing misspelled words, Spear Phishing targets specific groups of people or organisations with personalised content.

We analysed a number of Spear Phishing emails and found that they employ more sophisticated methods to bypass detection. In the past we have been educated to ensure that:

· An online banking website address starts with ‘HTTPS’

· There is a padlock visible at the bottom right hand of your Internet Browser.

However with Spear Phishing we noticed that:

· The email scam more often than not informs you that a deposit of funds requires your attention

· You are redirected to a website that is an exact clone of your bank’s online webpage

· The website address starts with ‘HTTPS’

· There is a padlock visible at the bottom right hand of your Internet Browser

· The cloned website will allow you to log in to your bank account whilst intercepting everything you type during the login process, including your OTP (One Time Pin).

By now you are wondering how to prevent falling victim, especially since you access your email account via your cellular phone!

Although a bank will never redirect you to verify a deposit, you still need to watch for the following:

· The cloned website’s address won’t match your bank’s official website address. Take note that there are some exceptions, such as spoofed websites

· The padlock visible at the bottom right hand of your Internet Browser will have an ‘!’ mark over it, which indicates that the cloned website is not digitally signed and can therefore not be trusted!
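
The address check described above can be automated for links found in an email. The following is an added example, not part of the original article; the domain mybank.example, the function name check_link and the sample links are constructed placeholders. It shows that HTTPS alone never makes a link acceptable: the host must be the bank's official domain.

```python
from urllib.parse import urlsplit

# Assumption: placeholder for the bank's official domain (not a real bank).
OFFICIAL_DOMAIN = "mybank.example"

def check_link(url, official=OFFICIAL_DOMAIN):
    """Return (ok, reasons) for a link taken from an email.

    ok is True only when the link is HTTPS *and* its host is the official
    domain or a true subdomain of it. HTTPS alone never makes a link ok.
    """
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    brand = official.split(".")[0]  # e.g. "mybank"
    reasons = []

    if parts.scheme != "https":
        reasons.append("not HTTPS")
    # Compare whole labels from the right, so "mybank.example.evil.example"
    # and "notmybank.example" do not pass as the bank.
    if host != official and not host.endswith("." + official):
        reasons.append(f"host '{host}' is not {official}")
        if brand in host or brand in (parts.username or "").lower():
            reasons.append("bank name appears outside the real host position")
        if any(label.startswith("xn--") for label in host.split(".")):
            reasons.append("punycode label, may render as look-alike letters")
    return (not reasons, reasons)

# Constructed sample links, as they might appear in an email body.
SAMPLES = [
    "https://www.mybank.example/login",                   # genuine subdomain
    "https://mybank.example.secure-login.example/login",  # bank name as prefix
    "https://mybank.example@198.51.100.7/login",          # bank name before '@'
    "https://notmybank.example/login",                    # similar name
    "https://xn--mybnk-abc.example/login",                # constructed punycode-style label
    "http://www.mybank.example/login",                    # right host, no HTTPS
]

if __name__ == "__main__":
    for link in SAMPLES:
        ok, why = check_link(link)
        print("OK  " if ok else "FAIL", link, "; ".join(why))
```
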

We as consumers need to take more responsibility for ensuring our own safety and not rely solely on banks to protect us against cyber attacks.

Author: Eben Louw (Manager - KPMG Forensic)

 
