14 December 2017
visit www.solutions.lexisnexis.com

Barclays subject to massive phishing attack

13 September 2006  |  8252 views  |  0 Barclays branch sign

US online security firm PandaLabs is warning of a large-scale phishing attack targeting Barclays Bank's Web banking clients and involving 61 variants of spoofed e-mails.

The scale of this attack has seen the number of fraudulent e-mails detected by PandaLabs increase by 30% in just a few hours.

PandaLabs says of all phishing messages currently circulating, some 64% are targetting Barclays' customers. Given the number of variants detected, estimates put the number of these e-mails in circulation at several million.

The spam e-mails are designed to appear as if they have been sent from Barclays' customer services.

The message text imitates Barclays' corporate image and says the bank its upgrading software and asks recipients to click on a link in order to confirm their bank details. Users that click on the link access a form, similar to those used by the bank, requesting their account number, credit card number or PIN.

There are 61 different variants of the message, using a wide range of message subjects and sender addresses. This tactic is used deliberately in order to bypass antispam systems, says Panda.

Luis Corrons, director of Pandalabs, says this is a sophisticated attack compared with those normally seen: "This could be a coordinated attack, initiated in several places at the same time in order to spread rapidly and gather a considerable amount of confidential bank details in record time."

Corrons says not all of the e-mail messages point to the same Internet address as the criminals have prepared at least five false domains.

Panda says it is contacting the technicians in charge of the sites that have been located - all of which are in Korea - in order to shut them.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

FFIEC guidance deadline will lead to surge in phishing, warns US regulator

FFIEC guidance deadline will lead to surge in phishing, warns US regulator

11 September 2006  |  7428 views  |  0 comments
Man-in-the-middle attacks Citi authentication system

Man-in-the-middle attacks Citi authentication system

12 July 2006  |  19365 views  |  0 comments
Barclays limits online funds transfers to fight phishing fraud

Barclays limits online funds transfers to fight phishing fraud

20 March 2006  |  14967 views  |  0 comments
Phishers look to dodge site shutdowns

Phishers look to dodge site shutdowns

09 March 2006  |  8769 views  |  0 comments
UK phishing fraud losses double

UK phishing fraud losses double

07 March 2006  |  29558 views  |  0 comments | 1 tweets | 2 linkedin
Panda warns of Bancos.GW Trojan

Panda warns of Bancos.GW Trojan

01 July 2005  |  6212 views  |  0 comments
Barclays Bank signs up to Cyota's anti-phishing service

Barclays Bank signs up to Cyota's anti-phishing service

04 October 2004  |  7126 views  |  0 comments

Related company news

 

Related blogs

Create a blog about this story (membership required)
visit www.niceactimize.comvisit www.solutions.lexisnexis.comvisit www.response.ncr.com

Top topics

Most viewed Most shared
Deutsche Bank paper hails 'huge' blockchain potentialDeutsche Bank paper hails 'huge' blockchai...
10084 views comments | 16 tweets | 25 linkedin
satelliteRipple completes XRP Lockup
8846 views comments | 3 tweets | 2 linkedin
PSD2: Laying the regulatory foundation for a new age in paymentsPSD2: Laying the regulatory foundation for...
8797 views comments | 17 tweets | 36 linkedin
Alior Bank to use Open API platform and accelerator to create fintech marketplaceAlior Bank to use Open API platform and ac...
7536 views comments | 20 tweets | 11 linkedin
Brits flock to digital-only banksBrits flock to digital-only banks
7166 views 11 comments | 11 tweets | 15 linkedin

Featured job

to £70K base, £105K ote, benefits
London, UK

Find your next job