www.gladtech.net

In-Session Phishing

Posted on January 16th, 2009 by Benjamin Harbin

Security researchers have found yet another new technique phishers are using to collect user information. The new method is called “in-session phishing” and involves creating a pop-up that asks the user to re-enter username and password information for an already open banking session. First, the site hosting the malicious code tries to detect whether the user has an open banking session. The malicious site then creates a pop-up indicating that the banking session has expired and that the user's credentials must be entered again. Any information typed into the malicious pop-up is recorded by the phishers. Researchers have also stated that the pop-up may be cleverly masked and can come in the form of customer satisfaction surveys or advertisements. Since the site is not technically injecting code or files onto the user’s machine, this type of attack will be harder to detect than normal Trojans or viruses.

Federal Reserve Bank Phishing Emails

Posted on January 15th, 2009 by Ryan Spanier

The FDIC has issued an advisory warning consumers and financial institutions about a new email phishing scheme purportedly from the Federal Reserve Bank. The email claims there are new restrictions in place for wire transfers, and provides a link to two websites providing more information. These sites attempt to download malicious Trojans onto victim PCs. A copy of the phishing email can be seen in the FDIC advisory linked below. As always, Gladiator recommends that users do not click on links contained in unsolicited email. If you have already received this phishing email and clicked on one of the links, Gladiator recommends that you run a full antivirus scan of your PC. Furthermore, you can try running a malicious software removal tool, such as Malwarebytes Anti-Malware, in an attempt to find any other unwanted programs.

January Patch Tuesday

Posted on January 13th, 2009 by Josh Gibbs

Microsoft has announced a patch for a critical vulnerability affecting several versions of Windows for both servers and workstations. The vulnerability could allow a remote attacker to access a system with full privileges.

Previous Articles

Malware Basics – Part 1

Posted on January 9th, 2009 by Ryan Spanier

Is HTTPS Still Secure?

Posted on January 5th, 2009 by Ryan Spanier

Out-of-Band Patch Coming for IE Vulnerability

Posted on December 16th, 2008 by Ryan Spanier

More IE Flaw Details

Posted on December 16th, 2008 by Ryan Spanier

Gladiator Research and Security

This site is here to provide security-related information and articles to better protect your financial institutions. We'll be posting advisories, blog entries and trends often, so be sure to check back weekly.