Banks leave online customers open to phishing

News

Banks leave online customers open to phishing

Antony Savvas

Web consultant Netcraft has warned that many large banks are neglecting to take sufficient care with the development and testing of their online banking facilities, and as a result are leaving their customers open to phishing attacks.

Netcraft said, "Well known banks have created an infestation of application bugs and vulnerabilities across the internet, allowing fraudsters to insert their data collection forms into bona fide banking sites, and creating convincing frauds that are undetectable to most customers."

Netcraft said its concerns about the continued threat of phishing attacks on customers of big banks were triggered by a large number of reports on the scams from users of its security toolbar, which automatically detects new security threats.

Netcraft said its Toolbar recently blocked a phishing attack on an online bank in which the fraudsters composed and mass-mailed a phishing mail that exploited a program on the bank’s website.

Through the attack, Javascript from the attackers' server presented the bank’s customers with a page bearing the bank’s URL in the address bar, while the browser window displayed a form sent by the hacker’s server asking for user login information.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.
 

COMMENTS powered by Disqus  //  Commenting policy