Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
  • Email Subscription

  • About Us

    Phishing has evolved into a variety of forms. Phishers are always trying out new tricks to try to evade anti-phishing filters that are continually updated to recognize the latest phishing techniques. It thus seems strange for us to see this phishing attempt targeting users of two banking Web sites in North America:

    Bank of America Phishing Email

    Bank of Montreal Phishing Email

    The first email targets Bank of America users; the said bank is only the largest commercial bank in the US. Bank of Montreal on the other hand (the subject of the second email) is Canada’s fourth largest bank.

    The phishing technique used here, a form embedded in spammed email messages, is not entirely new; it was, in fact, used way back in 2004 (see point 2.6 in this The Anatomy of a Phishing Email by Drake, Oliver and Koontz). Neither is it incredibly sophisticated compared to the slew of phishing mail around today.

    Phishing being a serious issue, however, this cannot remain just a footnote on phishing evolution. Information theft remains a major threat to online users, and it seems the business (it is big business) will be here to stay.

    TrendLabs’ Content Security Team says users who fill the BMO form and click the submit button are redirected to the Web site http://{BLOCKED} The Bank of America phishing email, meanwhile, displays a syntax error when the embedded form is submitted.

    Users are advised, as always, to be careful when doing their banking transactions online. Legitimate banking-related emails DO NOT ask for sensitive information such as account numbers and passwords/PINs in emails.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon

    Comments are closed.


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice