The number of phishing attacks targeting TSB customers leapt by 843% in May compared with April as fraudsters took advantage of the bank’s IT meltdown.
Following a Computer Weekly request, mobile software security company Wandera, which monitors and blocks global mobile threats, found that in April, for 100,000 UK devices using Wandera security, there were 28 TSB-themed phishing attacks.
But in May, following TSB’s public IT turmoil, 236 such attacks were found by monitoring the same 100,000 devices.
This rise in attacks was sparked by the turmoil suffered by TSB customers when its banking system went offline during the migration of customer accounts to a new core banking platform.
Scammers targeted TSB customers desperate for information and support, recognising their vulnerability to phishing scams in messages purporting to come from the bank.
Towards the end of April, TSB moved millions of customer accounts from the systems of Lloyds Bank, which had hosted them since TSB was separated from Lloyds, to a new core banking platform from its current owner, Spanish bank Sabadell.
Some customers found themselves locked out of their accounts and saw money disappearing from accounts. Some were even able to view other customers’ accounts.
Wandera’s investigation found that in May, TSB was the second most used bank brand by scammers attempting to obtain customer details. PayPal was the only financial services brand used more often by scammers.
Read more about the TSB IT migration disaster
- The Information Commissioner’s Office and the Financial Conduct Authority are assessing the IT meltdown at TSB that led to some customer accounts being seen by other customers.
- TSB’s very public IT problems will send shivers down the spine of IT teams at large banks that are yet to migrate to new core banking systems.
- TSB chaos: When choosing a bank, people should look at core banking platform and not just funky apps.
- TSB customers are still experiencing problems using online and mobile banking services after almost a week of disruption.
- TSB’s IT problems have moved into a second week as the bank fights to get its services and reputation back on track.
Back in April, TSB did not even appear in the top five. “TSB appeared in the top five financial services apps to be impersonated for attacks for the first time this year, showing that TSB was not a high priority for phishers prior to this incident,” said Wandera.
“This isn’t the first time hackers have leveraged global events to add credence to their phishing campaigns. Wandera’s machine learning mobile intelligence engine, MI:RIAM, recently detected and intercepted traffic in transit between thousands of devices and malicious third parties impersonating the UK government.
“These SMS phishing attacks were well timed after the culmination of the tax year to encourage unsuspecting victims to log into their accounts and part ways with their credentials.”