服务器高防_海外高防服务器价格_限时优惠

Phishing Attacks Exploit New Online Security Checks in EU, UK

Fraudsters are launching phishing attacks that exploit strong customer authentication (SCA) to steal users’ banking credentials. Which? reported on a series of phishing attacks that masqueraded as official correspondence from Santander, Royal Bank of Scotland (RBS) and HSBC. The attack emails drew in recipients by invoking SCA. A response to the Payment Services Regulations 2017, or PSD2, SCA consists of new security checks that are expected to become increasingly common in online shopping and banking transactions processed within the U.K. and European Union (EU). Banks, card providers and retailers have thus begun asking users to provide up-to-date contact information so they can implement SCA going forward. To capitalize on this trend, attackers are targeting banking customers with fraudulent SCA messages. Specifically, they are crafting phishing emails informing recipients that they need their most up-to-date personal details. These messages contain links that redirect recipients to fraudulent websites designed to steal their personal information, giving threat actors all the data they need to access victims’ bank accounts. Just the Latest Digital Threat Targeting Banks In mid-August, Reuters reported on a similar attack in which the European Central Bank (ECB) shut down one of its websites after criminals compromised it with malware to facilitate future phishing attacks. About two weeks later, Cofense uncovered a sample of Trickbot that used Google Docs to bypass an email gateway. In September 2019, Cofense spotted phishing emails that used SharePoint to bypass this same technology. How to Defend Against Phishing Attacks Security professionals can help organizations defend against phishing attacks by using ahead-of-threat detection to spot suspicious domains before they are activated in attack campaigns. Companies should also look to integrate phishing intelligence with their security information and event management (SIEM) to reduce the amount of time needed to analyze an attack’s severity and impact. Tags: Authentication | Banking Security | Credentials Theft | E-commerce | Malware | Phishing | Security Information and Event Management (SIEM) | Threat Detection | United Kingdom David Bisson Contributing Editor David Bisson is an infosec news junkie and security journalist. He works as Contributing Editor for Graham Cluley Security News and Associate Editor for Trip... read more

热门推荐
  • 美国高防_卸载阿里云盾_3天试用

      巴黎的圣母院大教堂着火了,几乎没有从彻底的破坏中得救。每年有数以百万计的人来访,数以亿计的人感到与之有着强烈的......

    09-15    来源:长虹华伟

    分享
  • 服务器高防_海外高防服务器价格_限时优

      Fraudsters are launching phishing attacks that exploit strong customer authentication (SCA) to steal users’ banking credentials.Which? reported on a series of ......

    09-28    来源:长虹华伟

    分享
  • ddos高防_字修己_精准

      微软最近宣布向Box、Dropbox和Google的G Suite客户提供一项新的服务,以使用其OneDrive云存储服务。对于已经在使用这三种竞争产......

    02-22    来源:长虹华伟

    分享
  • 香港高防cdn_上海云盾王晓旭简历_怎么办

      MS051是微软2011年5月13号办公电脑的最重要漏洞。这个问题是有限的,有针对性的利用,微软没有把它标记为"关键"问题的唯一......

    03-01    来源:长虹华伟

    分享
  • ddos怎么防_高防ip价格_无缝切换

      如果你还没有意识到,Rapid7提供了一个悬赏,用于针对一堆手工选择的修补漏洞的漏洞进行攻击。有两个列表可供选择,前......

    03-02    来源:长虹华伟

    分享
  • ddos防御工具_ddos防火墙需要开启吗_怎么办

      贝奥武夫战车是该公司BvS10战车的一个非装甲变种,旨在成为受人尊敬的BV206s的继承者,该战车由美国阿拉斯加陆军、美国海......

    03-03    来源:长虹华伟

    分享
  • 网站安全防护_厦门美科安防工资高吗_如

      在攻击发生三周后,WannaCry仍然是全球infosec专业人士的首选。这在我有幸参加的本周的亚特兰大安全世界大会上非常明显。多......

    03-05    来源:长虹华伟

    分享
  • 高防_ddos攻击原理与防御方法_原理

      DDoS攻击通常按所涉及的带宽大小进行排名,例如2018年GitHub攻击的峰值为每秒1.35兆比特,通常被认为是有史以来最大的DDoS攻......

    03-15    来源:长虹华伟

    分享
  • 防御ddos_高防包_新用户优惠

      我想和大家分享一下,当你控制了整个堆栈时,构建零信任环境和可信应用程序环境的独特优势。让我们来讨论在一个严格控......

    03-19    来源:长虹华伟

    分享
  • 高防cdn_高防_怎么办

      Qualys今天第五次宣布,在Gartner的“脆弱性评估市场范围”(MarketScope for Vulnerability Assessment)中,该公司第五次获得了可能的......

    03-24    来源:长虹华伟

    分享
返回列表
Ctrl+D 将本页面保存为书签,全面了解最新资讯,方便快捷。