Language Selection

English French German Italian Portuguese Spanish

New phishing attack uses real ID hooks

Filed under
Security

Workers at hosted security services company Cyota are sharing the details of this more sophisticated form of phishing threat, which forsakes the mass-targeting approach traditionally used in the fraud schemes in favor of taking aim at individual consumers. The security company would not disclose the names of the banks involved in the attacks, but said that its list includes some of the largest financial-services companies in the nation.

According to Cyota, the phishing e-mails arrive at bank customers' in-boxes featuring accurate account information, including the customer's name, e-mail address and full account number. The messages are crafted to appear as if they have been sent by the banks in order to verify other account information, such as an ATM personal-identification number or a credit card CVD code, a series of digits printed on the back of most cards as an extra form of identification.

Phishing is a form of online fraud that has exploded in frequency over the last several years. Typically using large-volume e-mail campaigns, phishers try to trick people into sharing personal information that the thieves then sell or use to commit identity theft. The new breed of attack, however, could have a higher success rate because the e-mails present unsuspecting recipients with accurate information in a document that looks like legitimate bank correspondence.

Cyota co-founder Amir Orad said he believes that the criminals responsible for the personalized phishing attacks have purchased stolen consumer data from other individuals and are trying to get information that's even more sensitive to sell to someone else at a premium.

"The attacks take advantage of poor technological defenses and continued consumer vulnerability, and evidence the work of an organized group with real research-and-development resources," Orad said. "So far, the success rates that we've seen are amazing. People are expecting to see a crude attack that tries to steal their information; they're not expecting to see this much real information as part of the attack."

Full Story.

More in Tux Machines

Desktop GNU/Linux/Chromebook

  • A Minimal Chrome OS Theme for Tint2
    I used to (and sort-of-still-do, I guess) run a sister site focused on Google Chrome, Chromecast and Chromebooks, i.e. the Chrome ecosystem. As such I am a fan of Chromebooks and Chrome OS, a Linux-based distribution based on Gentoo. The appearance of Chrome OS has waxed and waned in sync with Google’s ambitions and positioning for the OS, going form hyper-minimal to a full desktop clone (with the desktop-y Chrome Apps platform) through to a Material Design inspired Android + Chrome hybrid today.
  • Off-The-Shelf Hacker: Linux for Cheap Hardware, Then and Now
    Most people, don’t realize how prolific Linux has become. With the Embedded Linux Conference just a week away, I’ve been reflecting on how Linux has provided a sort of computing “circle of life” experience for me. It’s powered my computational hardware 20 years ago and continues to do so today.
  • [Video] XPS 13 Review | Linux Action Show 457
  • GParted 0.28.1
    This release of GParted restores the ability to move/resize primary partitions when an extended partition exists. The move/resize regression was introduced in version 0.28.0. This release also includes some minor bug fixes.
  • Antergos Linux : The beauty built on Arch
    Hi guys, welcome to the 16th segment of "Introduction with Linux Distro". Most of us know or heard about Arch Linux, which is one of the most widely used Linux distribution. For some reason, few users find it hard to install and use Arch. But in Linux world, there is almost always some alternative to your desired distribution. In today's segment, we will be introducing an Arch-based distribution which turned it completely on user-friendly side. So, let's get to know about Antergos Linux.

Kernel Space/Linux

Leftovers: Software

  • Picard 1.4 released
    The last time we put out a stable release was more than 2 years ago, so a lot of changes have made it into this new release. If you’re in a hurry and just want to try it out, the downloads are available from the Picard website.
  • Linux Digital Audio Workstations: Open Source Music Production
    Linux Digital Audio Workstations When most people think of music programs, they’ll usually think Mac OS or Windows. However, there are also a few Linux digital audio workstations. The support and features of these programs can vary, but they’re a good choice to setup a cheap recording studio. Some of them are even good competitors for paid programs, offering features such as multitrack recording, MIDI, and virtual instruments. Keep in mind that many audio editing programs for Linux rely on the Jack backend. You’ll need a dedicated system to install these programs on, since it doesn’t work properly in a virtual machine. In the following article, we’ll cover audio editing programs that are available for Linux. We’ll talk about the available features, as well as help you decide which program to use for your needs.
  • i2pd 2.12 released
    i2pd (I2P Daemon) is a full-featured C++ implementation of I2P client. I2P (Invisible Internet Protocol) is a universal anonymous network layer. All communications over I2P are anonymous and end-to-end encrypted, participants don't reveal their real IP addresses.
  • 4 Command-Line Graphics Tools for Linux
    For the most part, they’re wrong. Command-line image tools do much of what their GUI counterparts can, and they can do it just as well. Sometimes, especially when dealing with multiple image files or working on an older computer, command-line tools can do a better job. Let’s take a look at four command-line tools that can ably handle many of your basic (and not-so-basic) image manipulation tasks.
  • CloudStats - Best Server Monitoring Tool for Linux Servers
    CloudStats is an effective tool for Linux server monitoring and network monitoring. With CloudStats you get whole visibility into key performance criteria of your Linux Server. You can proactively track different server metrics like CPU, disk and memory usage, services, apps, processes and more. The best thing is that you don’t need to have any special technical skills – this tool for server monitoring is very easy to install and run from any device.
  • New Inkscape 0.92.1 fixes your previous works done with Inkscape
    This blog-post is about a happy-end after a previously published blog-post named New Inkscape 0.92 breaks your previous works done with Inkscape published on 20 January. A lot of reactions did happen about this previous blog-post and the news get quickly viral. That's why I thought it was nice to make another blog post to "close this case".
  • Qt 5.10 To Have Built-In Vulkan Support
    With Qt 5.8 there was experimental Direct3D 12 support that left some disappointed the toolkit didn't opt for supporting Vulkan first as a cross-platform, high-performance graphics API. Fortunately, with Qt 5.10, there will be built-in Vulkan support. Going back nearly one year there has been Vulkan work around Qt while with Qt 5.10 it's becoming a reality. However, with Qt 5.9 not even being released until the end of May, Qt 5.10 isn't going to officially debut until either the very end of 2017 or early 2018.
  • Rusty Builder
    Thanks to Georg Vienna, Builder can now manage your Rust installations using RustUp!
  • GNOME MPlayer knows how to grow your playlist size

today's howtos