September 5, 2019 By David Bisson < 1 min read

Fraudsters are launching phishing attacks that exploit strong customer authentication (SCA) to steal users’ banking credentials.

Which? reported on a series of phishing attacks that masqueraded as official correspondence from Santander, Royal Bank of Scotland (RBS) and HSBC. The attack emails drew in recipients by invoking SCA.

A response to the Payment Services Regulations 2017, or PSD2, SCA consists of new security checks that are expected to become increasingly common in online shopping and banking transactions processed within the U.K. and European Union (EU). Banks, card providers and retailers have thus begun asking users to provide up-to-date contact information so they can implement SCA going forward.

To capitalize on this trend, attackers are targeting banking customers with fraudulent SCA messages. Specifically, they are crafting phishing emails informing recipients that they need their most up-to-date personal details. These messages contain links that redirect recipients to fraudulent websites designed to steal their personal information, giving threat actors all the data they need to access victims’ bank accounts.

Just the Latest Digital Threat Targeting Banks

In mid-August, Reuters reported on a similar attack in which the European Central Bank (ECB) shut down one of its websites after criminals compromised it with malware to facilitate future phishing attacks. About two weeks later, Cofense uncovered a sample of Trickbot that used Google Docs to bypass an email gateway. In September 2019, Cofense spotted phishing emails that used SharePoint to bypass this same technology.

How to Defend Against Phishing Attacks

Security professionals can help organizations defend against phishing attacks by using ahead-of-threat detection to spot suspicious domains before they are activated in attack campaigns. Companies should also look to integrate phishing intelligence with their security information and event management (SIEM) to reduce the amount of time needed to analyze an attack’s severity and impact.

More from

Change Healthcare discloses $22M ransomware payment

3 min read - UnitedHealth Group CEO Andrew Witty found himself answering questions in front of Congress on May 1 regarding the Change Healthcare ransomware attack that occurred in February. During the hearing, he admitted that his organization paid the attacker's ransomware request. It has been reported that the hacker organization BlackCat, also known as ALPHV, received a payment of $22 million via Bitcoin.Even though they made the ransomware payment, Witty shared that Change Healthcare did not get its data back. This is a…

Phishing kit trends and the top 10 spoofed brands of 2023

4 min read -  The 2024 IBM X-Force Threat Intelligence Index reported that phishing was one of the top initial access vectors observed last year, accounting for 30% of incidents. To carry out their phishing campaigns, attackers often use phishing kits: a collection of tools, resources and scripts that are designed and assembled to ease deployment. Each phishing kit deployment corresponds to a single phishing attack, and a kit could be redeployed many times during a phishing campaign. IBM X-Force has analyzed thousands of…

How I got started: AI security researcher

4 min read - For the enterprise, there’s no escape from deploying AI in some form. Careers focused on AI are proliferating, but one you may not be familiar with is AI security researcher. These AI specialists are cybersecurity professionals who focus on the unique vulnerabilities and threats that arise from the use of AI and machine learning (ML) systems. Their responsibilities vary, but key roles include identifying and analyzing potential security flaws in AI models and developing and testing methods malicious actors could…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today