By Staff writer
UK bank’s security threatened by large-scale, tenacious assault
Barclays Bank has been the target of a large-scale phishing attack aimed at robbing customers of the bank of their online banking details.
Anti-virus company PandaLabs exposed the attack on September 12 and said that it had identified at least 61 variants of spoof e-mail that were being sent out to Barclays customers.
PandaLabs said that 64% of the phishing messages it had received over a period of a few hours were targeting holders of Barclays accounts.
The firm said that it spotted eight further variants of the spoof e-mails and four new active domains holding spoof web pages later on that week.
“The authors of this attack are proving to be more tenacious than usual considering both the huge number of messages and the amount of false websites set up and circulated in such a short period of time. The signs are that they have no intention of stopping the attack until they have gathered considerable confidential data so users should keep their guard up at all times,” said Luis Corrons, a PandaLabs director.
The false e-mails being sent to users are designed to appear as if they have been sent from Barclays’ customer services, with the subject field chosen at random from a list of options. Some of these options are ‘Barclays bank official update’, ‘Barclays bank- security update’ or ‘Please Read’.
The message text informs users that the bank is upgrading software and that they should go to a link to confirm their bank details.
Users that click on the link will access a form, similar to those used by the bank, requesting their account number, credit card number or PIN.
“This is a sophisticated attack in comparison with those that we usually see. The use of several domains to host spoofed web pages makes it more difficult to disable them. The e-mails are also far more authentic looking than the usual, often error strewn, messages,” said Corrons.
PandaLabs said it was likely that the BarcPhish, as they have dubbed the attack, was a co-ordinated attack, initiated in several places at once in order to spread rapidly.
Barclays said it was working as fast as possible to close the fake sites down. “Barclays never sends e-mails asking for security information and we would advise customers not to open emails if they are not sure of the source,” a spokeswoman told the UK’s vnunet.com.