http://news.netcraf
t.com/archives/2006/03/27/phishers_hack_bank_sites_redirect_
customers.html
By Rich Miller
March 27, 2006
Phishing scammers recently hacked the web sites of three
Florida banks
and redirected their customers to spoof pages, marking an
apparent
milestone in phishers' use of bank web sites to construct
more
credible frauds. Previous scams have managed to manipulate
financial
sites through cross-site scripting and cross-frame content
injection,
but didn;t gain access to the server hosting the banks'
site.
Not so for the attack on Capital City Bank, Wakulla Bank and
Premier
Bank in northern Florida. On March 14 hackers were able to
break into
the servers of ElectroNet, a Tallahassee, Fla. service
provider which
hosted the web sites for all three banks. The main business
URL for
the banks' were redirected to identical spoof sites on
offshore
servers, which asked customers to provide their login
details.
The intrusion was detected about an hour after it started,
ElectroNet
CEO Allen Byington told the Tallahassee Democrat. Byington
said that
ElectroNet stores no confidential data on its computers and
that the
company was "working closely" with law
enforcement agencies
investigating the incident. The banks' sites were shut down
for
several days, and bank officials said the financial losses
were
"minimal," and that any customers who lost money
were reimbursed by
their respective banks.
Since the attackers redirected bank customers to spoof sites
hosted
elsewhere, this type of attack could be detected by users of
the
Netcraft Toolbar, which displays the name and location of a
site's
hosting service.
_________________________________
InfoSec News v2.0 - Coming Soon!
http://www.infosecnews.org
|