17 December 2017
Uri Rivner

The Joy of Fraud Fighting

Uri Rivner - BioCatch

Innovation in Financial Services

A discussion of trends in innovation management within financial institutions, and the key processes, technology and cultural shifts driving innovation.

Surprising surge of Phishing on nationwide banks

31 May 2010

In the last couple of months the RSA Anti Fraud Command Center witnessed a dramatic increase in the number of nationwide US financial brands attacked by Phishing.

Ever since the good old days of the initial Phishing attacks in 2003-2004, the share of national banks – those that span across the entire US – has been declining, as the major banks implemented effective remedies against Phishing and the public became more aware of attacks where the fraudster posed as a major national bank. The heat moved to smaller targets: regional banks and small credit unions.

2010 started with nationwide banks constituting just 25% of US brands attacked by Phishing; most of the attacked brands (61%) were smaller, regional banks.

But things took a surprise turn in March 2010.

According to the RSA online fraud report from May, nationwide banks – the top financial brands in the US – constituted around 60% of the brands attacked by Phishing. In other words, fraudsters moved their sights to bigger targets.

This isn’t a momentary fluctuation. Year on year, the share of nationwide brands doubled in April while the number of phishing attacks increased 68%.

One of the major US banks I talked to confirmed they’ve been hit by a surprising surge of attacks that started around March. Other banks fared even worse: talking to folks in the RSA Anti Fraud Command Center, I discovered that one of the top ten US brands, which had only a few attacks in February, had hundreds of attacks in April. And in total there were 30 nationwide brands attacked in April compared to just 13 in February.

Let us use the opportunity to take a quick look at what’s new in Phishing. There are new, interesting targets, such as universities and carbon emission exchange sites. There are also new attack types such as Chat in the Middle and next-generation Typo-Phishing. Brian Krebs reported on a new theoretical attack using browser tab manipulation to fool the victim.

As for ‘classic’ Phishing on financial services, many of the attacks these days ask for much more than online banking data. Here’s a typical list of items victims are asked to provide to phishing sites nowadays:

- Online banking data:
  - User name and password
  - Answers to secret questions asked by the bank
- Card data:
  - Credit card number
  - ATM PIN
- Email account data:
  - Email address
  - Email password (!)
- Identity theft data:
  - Date of Birth
  - Phone number
  - Mother’s maiden name
  - Mother’s middle name
  - Father’s maiden name
  - Father’s middle name
  - Driving license number
  - Social Security number
  - US state where account was opened

As you can see, this is quite a comprehensive list. Father’s maiden name and middle name are relatively new elements.

One thing to note is that today, unlike in previous years, many of the regional banks and credit unions are protected by defenses that render direct Phishing attacks almost useless. So if all banks are more-or-less equally protected in their online channel, maybe it’s time for the fraudsters to move elsewhere. They want to collect as much information as possible in Phishing so they can hit other bank channels (such as the phone channel), utilize more data for identity theft, or spread Trojans by taking over email accounts and social network accounts.

So, what drives this renewed interest in major financial brands? I’ll keep a close watch on this recent development and update when new information is available.

*** update June 3 ***

The May stats show the trend continues; 65% of financial brands in the US attacked by Phishing are nationwide banks.

 

[Figure: Distribution of US financial brands attacked by Phishing]

Internet. The perfect fraud frontier. These are the thoughts of Uri Rivner, head of Cyber Strategy at BioCatch and formerly Head of new technologies, identity protection, at RSA, the security division...
