News

Banks leave online customers open to phishing

Antony Savvas

Web consultant Netcraft has warned that many large banks are neglecting to take sufficient care with the development and testing of their online banking facilities, and as a result are leaving their customers open to phishing attacks.

Netcraft said, "Well known banks have created an infestation of application bugs and vulnerabilities across the internet, allowing fraudsters to insert their data collection forms into bona fide banking sites, and creating convincing frauds that are undetectable to most customers."

Netcraft said its concerns about the continued threat of phishing attacks on customers of big banks were triggered by a large number of reports on the scams from users of its security toolbar, which automatically detects new security threats.

Netcraft said its Toolbar recently blocked a phishing attack on an online bank in which the fraudsters composed and mass-mailed a phishing mail that exploited a program on the bank’s website.

Through the attack, Javascript from the attackers' server presented the bank’s customers with a page bearing the bank’s URL in the address bar, while the browser window displayed a form sent by the hacker’s server asking for user login information.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy