hybrid_attack  - hybrid attack - [ALERT] There Is A New Hybrid Cyber Attack On Banks And Credit Unions In The WildA customer just called me. He found a new strain of that’s the next scary thing your organization may become the target of.

He’s been using our platform for 6 years, first at a bank where he selected our platform and deployed it, and in his second job, they already used KnowBe4 to create their human firewall so he got off to a running start.

The issue he warned me about today is the following. There is a new attack that starts with a Banking Trojan which gets on the machine by using social engineering to get in, suspected to be email. 

Once the Trojan kicks in, it looks in real time for the “bank” in the browser and if it sees the end user go to their bank, they redirect the user to a malicious site that looks like that bank and steals their credentials. Up to now this is nothing new.

However, here is the wrinkle…

The Trojan starts to slow down the browser, and simulates “technical problems” with the site for a few minutes. Then it comes up with another popup which asks for their name and number so that “support can call them back”.

Next, the end-user gets a phone call from a live bad guy, claiming to be the support team of the bank, who then starts to social engineer the customer real-time and tries to manipulate the end user into divulging more detail so that the bad guy can make an immediate transfer out of the account.

This is the first time that we hear about this nasty variant on the tech support scam, but now looks like it’s tailor-made for a certain bank. You can count on this tactic being used soon for as well. Not good. Be warned!

Let’s stay safe out there.

Warm regards,
Stu Sjouwerman
Founder and CEO,
KnowBe4, Inc

NewStu-6  - NewStu 6 - [ALERT] There Is A New Hybrid Cyber Attack On Banks And Credit Unions In The Wild

 

 



Source link
Based Blockchain Network

LEAVE A REPLY

Please enter your comment!
Please enter your name here