Two of Germany's biggest banks became the latest victims
of phishing attacks last week as internationally organised criminal
groups roam the globe seeking new targets, according to a spokesman
at Postbank.
Postbank suffered its second phishing attack on Thursday (19
August), less than four weeks after the bank's first-ever assault,
and was linked to a separate strike on Deutsche Bank.
Phishing attacks use spoofed e-mail and fraudulent websites to
fool respondents into entering personal financial data such as
credit card numbers, account user names and passwords, which can
then be used for financial theft or identity theft.
Until recently, most phishing attacks have been aimed at
customers of banks in English-speaking countries, such as the US,
UK and Australia, but "over the past few weeks, we've seen a shift
to countries like Brazil and now Germany", said Mikko Hyppönen,
director of anti-virus research at F-Secure.
Last month, several Brazilian banks were the target of what
Hyppönen called a "combo attack". E-mail messages were distributed
with a Trojan worm that would monitor visited sites. When customers
typed the URL or the bookmarked URL of their banks, web pages
appeared that looked like their banks', allowing criminals to steal
sensitive information, such as passwords and credit card
numbers.
"These pages were very difficult to detect, even for alert
online banking customers," Hyppönen said.
Although the German phishing attacks appear to be less
sophisticated, bank officials here have expressed concern that they
may now be on the radar screen of international phishing rings.
"The first attack about four weeks ago came from Russia," said a
Postbank spokesman. "The second attack appears to have originated
in Asia. Who knows where the next one will come from."
The most recent attack came late Thursday via an e-mail written
in German. It warned customers of a security risk, asking for their
Pin and a Tan (transaction number) to resolve the problem.
"We worked together with the police to shut down this site by
Friday," the Postbank spokesman said. "We also alerted customers
immediately on our website."
The earlier phishing attack on the Postbank came in the form of
an e-mail written in English. "This e-mail really stuck out because
we never send any correspondence to customers in English," he
said.
Postbank, which was spun off of the former German public
administration for post and telecommunications, is one of the
country's largest consumer banks with 11 million customers of whom
nearly 1.7 million have online banking accounts.
The Postbank phishing attack also extended to Deutsche Bank
whose customers received an e-mail, with the pseudo Postbank
address, directing them to a page similar to Deutsche Bank's.
"This attack wasn't very professional, to say the least," a
Deutsche Bank spokesman said. "We moved immediately to block the
corrupt link."
Deutsche Bank has posted an alert to customers on its website,
telling them never to respond to an e-mail requesting personal
data, such as passwords, Pins or Tans.
John Blau writes for IDG News Service