September 5, 2019 By David Bisson < 1 min read

Fraudsters are launching phishing attacks that exploit strong customer authentication (SCA) to steal users’ banking credentials.

Which? reported on a series of phishing attacks that masqueraded as official correspondence from Santander, Royal Bank of Scotland (RBS) and HSBC. The attack emails drew in recipients by invoking SCA.

A response to the Payment Services Regulations 2017, or PSD2, SCA consists of new security checks that are expected to become increasingly common in online shopping and banking transactions processed within the U.K. and European Union (EU). Banks, card providers and retailers have thus begun asking users to provide up-to-date contact information so they can implement SCA going forward.

To capitalize on this trend, attackers are targeting banking customers with fraudulent SCA messages. Specifically, they are crafting phishing emails informing recipients that they need their most up-to-date personal details. These messages contain links that redirect recipients to fraudulent websites designed to steal their personal information, giving threat actors all the data they need to access victims’ bank accounts.

Just the Latest Digital Threat Targeting Banks

In mid-August, Reuters reported on a similar attack in which the European Central Bank (ECB) shut down one of its websites after criminals compromised it with malware to facilitate future phishing attacks. About two weeks later, Cofense uncovered a sample of Trickbot that used Google Docs to bypass an email gateway. In September 2019, Cofense spotted phishing emails that used SharePoint to bypass this same technology.

How to Defend Against Phishing Attacks

Security professionals can help organizations defend against phishing attacks by using ahead-of-threat detection to spot suspicious domains before they are activated in attack campaigns. Companies should also look to integrate phishing intelligence with their security information and event management (SIEM) to reduce the amount of time needed to analyze an attack’s severity and impact.

More from

What does resilience in the cyber world look like in 2025 and beyond?

6 min read -  Back in 2021, we ran a series called “A Journey in Organizational Resilience.” These issues of this series remain applicable today and, in many cases, are more important than ever, given the rapid changes of the last few years. But the term "resilience" can be difficult to define, and when we define it, we may limit its scope, missing the big picture.In the age of generative artificial intelligence (gen AI), the prevalence of breach data from infostealers and the near-constant…

Airplane cybersecurity: Past, present, future

4 min read - With most aviation processes now digitized, airlines and the aviation industry as a whole must prioritize cybersecurity. If a cyber criminal launches an attack that affects a system involved in aviation — either an airline’s system or a third-party vendor — the entire process, from safety to passenger comfort, may be impacted.To improve security in the aviation industry, the FAA recently proposed new rules to tighten cybersecurity on airplanes. These rules would “protect the equipment, systems and networks of transport…

Protecting your digital assets from non-human identity attacks

4 min read - Untethered data accessibility and workflow automation are now foundational elements of most digital infrastructures. With the right applications and protocols in place, businesses no longer need to feel restricted by their lack of manpower or technical capabilities — machines are now filling those gaps.The use of non-human identities (NHIs) to power business-critical applications — especially those used in cloud computing environments or when facilitating service-to-service connections — has opened the doors for seamless operational efficiency. Unfortunately, these doors aren’t the…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today