Italian bank Banca Popolare di Sondrio has become phishers’ new target with the discovery of a spammed message containing a link to the supposed bank’s Internet banking site, SCRIGNO.
As with previous bank-related phishing attempts, clicking the link leads users to a site that looks very much like the legitimate Internet service’s login page. The site asks users to enter their user codes and personal identification numbers (PINs). After giving out the requested information, they are redirected to another site that asks for a control code, which is indicated in every Scrigno client’s card.
Once users have provided all the necessary information, they are redirected to the real SCRIGNO site. Unfortunately, by this time, the phishers have already acquired the data they need.
Phishing attacks, regardless of vector—spamming or site spoofing—are already a staple in the current threat landscape. As in this most recent attack, cybercriminals often send out spammed messages purporting to come from various banks to users in an attempt to trick them into clicking embedded malicious links, as shown in the following previous posts:
Cybercriminals also spoof legitimate banking sites for their profiteering schemes. In such an attack, they leverage users’ trust on the latest banking technologies, as in the following previous attacks:
To avoid becoming victims of phishing scams, the best solution is still user vigilance. Users must continue to be wary of suspicious-looking email messages and must refrain from clicking dubious links. Being familiar with the full addresses of banking sites users access can also prevent them from unwittingly giving out critical information in phishing sites. Of course, using an effective security solution will also help.
Trend Micro™ Smart Protection Network™ protects product users from this threat by preventing the spammed messages from even reaching users’ inboxes via the email reputation service. It also blocks access to the said phishing site via the Web reputation service.
