TrendLabsSM recently encountered a phishing email specifically targeting Standard Chartered Bank clients. The spammed message instructs recipients to log in to their online accounts and to visit the Secure Messages section to read a specific message. The email body includes an embedded link, which when clicked leads to a phishing page.
The use of bogus login pages has become a typical attack vector that phishers continue to use. Similar phishing attacks via spammed messages have been documented here in the Malware Blog:
- Phishing Pages Pose as Secure Login Pages
- Caisse d’Epargne Customers, Beware!
- Citi Prepaid Phishing Services
While this is an old trick, clients who visit the page may still unwittingly provide their bank credentials to cybercriminals’ waiting hands. Users are then advised to constantly exercise caution when opening email messages and when clicking embedded links. Standard Chartered Bank likewise reminds its clients to be wary of the reality of online threats, including phishing attacks.
Trend Micro™ Smart Protection Network™ already protects product users from this particular threat by preventing the spammed message from even reaching their inboxes via the email reputation service and by blocking access to the phishing site via the Web reputation service.
Non-Trend Micro product users can also stay protected from malicious URLs by using one of free tools like Web Protection Add-On, a lightweight add-on solution designed to proactively protect computers against Web threats.