
    Spear Phishing Attack Targets Credit Unions

    By Paul F. Roberts - December 16, 2005

      Malicious hackers are targeting U.S. credit unions with phishing e-mails that try to take advantage of a recently patched Internet Explorer browser hole to compromise systems used by the bank, according to CUISPA, an association of IT professionals who work at credit unions.

      The attacks use e-mail messages that are being sent to CEOs and other executives at credit unions across the United States. The messages contain a link to a Web page that, when visited, attempts to download a Trojan horse program onto the executives' machines.

      The attack is just the latest example of small-scale scams known as “spear phishing” attacks that target specific employees in an organization, said Todd Bransford, vice president of marketing at Cyveillance Inc., an online risk management company in Arlington, Va.

      Beginning on Monday, executives at the banks began receiving identical e-mail messages with the subject “Credit Union.” The messages provide the URL of a Web page that appears to be a credit union “affiliated” with the recipient's bank.

      The message asks the recipient to help confirm that the credit union is a federally recognized institution, according to a copy of the message posted by CUISPA (Credit Union Information Security Professionals Association) on its Web site.

      Executives who clicked on the link were taken to a Web page that attempted to download two pieces of malicious code on their machines. One was a Trojan horse program called “Bloodhound.Exploit.54” that uses a recently discovered hole in IE.

      Many credit unions that reported the e-mail had anti-virus software that recognized the Trojan and blocked it when the user visited the attacker's Web page, said Kelly Dowell, executive director of CUISPA.

      However, it is possible that credit unions that have not updated their anti-virus definitions recently were infected without realizing it, he said. He added that CUISPA has not contacted the FBI because it is not aware of any monetary damage stemming from the attack.

      “If you can't prove monetary damages, [the FBI] isn't interested in it,” he said.

      Phishing attacks are nothing new, even for small credit unions and local banks, which are increasingly targets of shadowy online criminal groups and scam artists.

      Hudson Valley Credit Union in Poughkeepsie, N.Y., received 12 e-mails, all targeted at directors and senior administrators, said John Brozycki, IT network manager for the credit union.

      The messages arrived slowly, over a period of about 45 minutes, to avoid setting off security products looking for spam and phishing attacks, he said.


      The message, though poorly worded, was well-targeted to bank administrators, and Hudson Valley had a number of employees who clicked on the URL in the message, though anti-virus software spotted the attempted malicious code download, he said.

      Nobody knows where the attackers got the e-mail addresses, though credit union staff members say there are many possible sources, including Web pages and credit union industry groups. However, the information was at least two years old, Brozycki said.


      The attack is novel in shifting focus from banking customers to banking executives, Dowell said. James Brooks, senior product manager for anti-phishing at Cyveillance, pointed out that by targeting executives, attackers could be trying to get access to sensitive systems at the credit unions.

      “If the attack was successful, we don't really know what could happen. They're inside a financial institution. If they got the CEO, they might have access to everything on the network,” he said.

      Exploiting machines within the bank that are used by executives could provide quick access to systems that control thousands of bank accounts, rather than just one or two accounts, Brooks said.

      However, executives might not be as rich a target as hackers think. Changing banking regulations have reduced the permissions that executives have for systems within the banks in recent years, said Chad Lorenc of ENT Credit Union in Colorado Springs, Colo.

      Efforts to get the Web site used in the attack taken offline were hampered by botched communications with Network Solutions Inc., which hosted the site. Network Solutions eventually took the site down after intervention by Cyveillance on Wednesday, Dowell said.

      Spear phishing attacks have become more prevalent in recent months, as online criminal groups hone their tactics.

      The true extent of the spear phishing attack on credit unions is still not known. Despite the fact that the attackers used a brand new exploit to try to install malicious code, awkward wording in the phishing e-mail message and the ability of anti-virus programs to identify the malicious code that was used probably prevented infections at many credit unions, experts agree.

      Had the attackers used a more polished phishing e-mail and Web site, and an unknown (“zero day”) exploit, the results could have been far worse, Brozycki said.
