PNB customers targeted by phishing email scam to steal passwords: Websense
Advertisement
Cyber-criminals tried to steal passwords of corporate and individual customers of Punjab National Bank (PNB) last week, global cyber-security firm Websense said.
California-based Websense, which provides protection against cyber-attacks and data theft, said it was able to block the intrusion, which involved a phishing attack.
Phishing involves sending emails purporting to be from reputable firms to unsuspecting individuals and also corporate entities to induce then in revealing personal and financial information like passwords, credit card numbers, etc.
"Last week, Websense Security Labs came across a phishing email targeting PNB customers. The phishing attack was aimed to obtain password of corporate and individual customers,"
Websense Regional Director India Surendra Singh told PTI. PNB is not the client of the company, but these phishing mails were sent to several individuals and some corporate who are clients of Websense, he added.
Advertisement
PNB officials were not immediately available for comments.
Singh said this phishing campaign requires the recipient to open an email attachment and fill in the required fields, including user ID, password, transaction password and mobile number.
Advertisement
Once completed the form redirects customers to a legitimate bank site, while their personal information
including password credentials are sent to a server under the attacker's control, he added.
Advertisement
"This information is often sold by cyber-criminals to the Internet underworld or they use it themselves," Singh said.
There has been an increase in the intensity and number of phishing and other cyber-attacks trying to steal financial information from individuals as well as corporate and Websense expects such acts to grow in the future, he added.
The firm's security prediction for 2014 projects is that cyber criminals will rely less on high-volume advanced malware because over time it runs a higher risk of detection.
They will instead use lower volume, more targeted attacks to secure a foothold, steal user credentials and move unilaterally throughout infiltrated networks.
For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.
Advertisement