News

02:40 PM
Nancy Feig
Nancy Feig
News
Connect Directly
RSS
E-Mail
50%
50%

Phishing for Bank Accounts Reels in Big Bucks

By Nancy Feig Today, Symantec revealed findings about the rewards phishers are reeling in for personal information phished from consumers.

By Nancy Feig

Today, Symantec revealed findings about the rewards phishers are reeling in for personal information phished from consumers.According to the security vendor, bank account details bait the biggest rewards, at up to $400. IDG News Service also reported that:

Credit card details sell for between 50 cents and $5, e-mail passwords for $1 to $350 each, and e-mail addresses from $2 to $4 per megabyte.

The report points to the commercialization and even "professionalism" of today's cyber criminals. Phishing toolkits, which can be purchased to aid these criminals, accounted for 42 percent of all phishing attacks during the first six months of 2007.

These phishers continue to capitalize on vulnerabilities in Web sites trusted most by consumers, including banks, social networking sites and job search engines. The criminals use the "scripts" provided in the toolkits to set up phishing Web sites that mimic legitimate Web sites, according to Symantec.

These social networking sites are particulary vulnerable to phishing because users tend to highly trust the sites and their security measures.

I have to tell you, I honestly used to wonder how people could fall for phishing scams, but I can tell you first hand that they are getting harder to detect. Almost everyone I know has been a victim of phishing on Myspace, the most popular social networking site. It amazes me that Myspace has not found a way to prevent these attacks or at least sent out some type of alert to its users.

I quick google search yields plenty of instructional sites on how to hack into a myspace account. There's even a YouTube video with instructions. I wonder where all of those stolen passwords are going. One organization hacked their way into the Web sites of several HSBC employees to steal their passwords, which are likely their work passwords as well. This is some scary stuff.

Banks need to be aware of the many channels criminals are to steal people's identity and money. Open dialogue with the social networking sites might be one place to start.

Comment  | 
Print  | 
More Insights
Register for Bank Systems & Technology Newsletters
White Papers
Current Issue
Bank Systems & Technology - August 2014
Modern core systems are emerging as the foundations of effective channel integration and customer engagement initiatives.
Slideshows
Video
Bank Systems & Technology Radio
Archived Audio Interviews
New IT Models for New Financial Services Challenges