Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Spear Phishing Attack Targets Credit Unions

    By
    Paul F. Roberts
    -
    December 16, 2005
    Share
    Facebook
    Twitter
    Linkedin

      Malicious hackers are targeting U.S. credit unions with phishing e-mails that try to take advantage of a recently patched Internet Explorer browser hole to compromise systems used by the bank, according to CUISPA, an association of IT professionals who work at credit unions.

      The attacks use e-mail messages that are being sent to CEOs and other executives at credit unions across the United States. The messages contain a link to a Web page that, when visited, attempts to download a Trojan horse program onto the executives machines.

      The attack is just the latest example of small-scale scams known as “spear phishing” attacks that target specific employees in an organization, said Todd Bransford, vice president of marketing at Cyveillance Inc., an online risk management company in Arlington, Va.

      Beginning on Monday, executives at the banks began receiving identical e-mail messages with the subject “Credit Union.” The messages provide the URL of a Web page that appears to be a credit union “affiliated” with the recipients bank.

      The message asks the recipient to help confirm that the credit union is a federally recognized institution, according to a copy of the message posted by CUISPA (Credit Union Information Security Professionals Association) on its Web site.

      Executives who clicked on the link were taken to a Web page that attempted to download two pieces of malicious code on their machines. One was a Trojan horse program called “Bloodhound.Exploit.54” that uses a recently discovered hole in IE.

      Many credit unions who reported the e-mail had anti-virus software that recognized the Trojan and blocked it when the user visited the attackers Web page, said Kelly Dowell, executive director of CUISPA.

      However, it is possible that credit unions that have not updated their anti-virus definitions recently were infected without realizing it, he said. He added that CUISPA has not contacted the FBI because it is not aware of any monetary damage stemming from the attack.

      “If you cant prove monetary damages, [the FBI] isnt interested in it,” he said.

      Phishing attacks are nothing new, even for small credit unions and local banks, which are increasingly targets of shadowy online criminal groups and scam artists.

      Hudson Valley Credit Union in Poughkeepsie, N.Y., received 12 e-mails, all targeted at directors and senior administrators, said John Brozycki, IT network manager for the credit union.

      The messages arrived slowly, over a period of about 45 minutes, to avoid setting off security products looking for spam and phishing attacks, he said.

      /zimages/3/28571.gifClick here to read about phishing attacks that target users of online banking systems.

      The message, though poorly worded, was well-targeted to bank administrators, and Hudson Valley had a number of employees who clicked on the URL in the message, though anti-virus software spotted the attempted malicious code download, he said.

      Nobody knows where the attackers got the e-mail addresses, though credit union staff members say there are many possible sources, including Web pages and credit union industry groups. However, the information was at least two years old, Brozycki said.

      /zimages/3/28571.gifFor advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internets Security IT Hub.

      The attack is novel in shifting focus from banking customers to banking executives, Dowell said. James Brooks, senior product manager for anti-phishing at Cyveillance, pointed out that by targeting executives, attackers could be trying to get access to sensitive systems at the credit unions.

      “If the attack was successful, we dont really know what could happen. Theyre inside a financial institution. If they got the CEO, they might have access to everything on the network,” he said.

      Exploiting machines within the bank that are used by executives could provide quick access to systems that control thousands of bank accounts, rather than just one or two accounts, Brooks said.

      However, executives might not be as rich a target as hashers think. Changing banking regulations have reduced the permissions that executives have for systems within the banks in recent years, said Chad Lorenc of ENT Credit Union in Colorado Springs, Colo.

      Efforts to get the Web site used in the attack taken offline were hampered by botched communications with Network Solutions Inc., which hosted the site. Network Solutions eventually took the site down after intervention by Cyveillance on Wednesday, Dowell said.

      Spear phishing attacks have become more prevalent in recent months, as online criminal groups hone their tactics.

      The true extent of the spear phishing attack on credit unions is still not known. Despite the fact that the attackers used a brand new exploit to try to install malicious code, awkward wording in the phishing e-mail message and the ability of anti-virus programs to identify the malicious code that was used probably prevented infections at many credit unions, experts agree.

      Had the attackers used a more polished phishing e-mail and Web site, and an unknown (“zero day”) exploit, the results could have been far worse, Brozycki said.

      /zimages/3/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

      Paul F. Roberts

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×