Online Banking just became even more dangerous than it already was with new phishing attack...

"Chat-in-the-Middle" Phishing Attack Attempts to Steal Consumers' Data via Bogus Live-Chat Support





A new, unique type of phishing attack targeted against online banking customers was recently discovered by the RSA FraudAction Research Lab. RSA has coined this as a "Chat-in-the-Middle" phishing attack and it is first executed through routine means but then presents a more advanced layer of perpetrating online fraud. The phishing attack may dupe bank customers into entering their usernames and passwords into an ordinary phishing site but the addition of a bogus live chat support window can obtain even more credentials via a live chat session initiated by fraudsters.



During the live chat session, the fraudster behind the attack presents himself as a representative of the bank's fraud department and attempts to dupe customers who are online into divulging sensitive information - such as answers to secret questions that are used for online customer authentication. This attack is currently targeting a single U.S.-based financial institution.





Upon detecting the attack RSA immediately informed the affected financial institution and commenced a standard phishing attack shut-down procedure through the RSA Anti-Fraud Command Center and its RSA FraudAction service. (RSA cannot identify this bank in order to protect its security and privacy.) The attack is hosted on a well-known fast flux network for "hire" from fraudster to fraudster, which hosts a wealth of malicious websites such as phishing attacks,

Trojans infection points, mule recruitment websites, and more.



The Design of the Attack


The phishing attack starts out as a normal phishing website that prompts customers for their usernames and passwords. Usually at this point, after providing access credentials, phishing victims are redirected either to the next page (or pages) of the phishing website or to the genuine bank website. However, this attack proceeds with a new, advanced technique for obtaining additional information on victims – instead of being redirected to the next page of the phishing kit or the genuine site, a fake live-chat support window appears launched by the fraudster as part of the attack .





Continue Reading 







Reblog this post [with Zemanta]

Posted by John B. Frank Friday, September 18, 2009

0 comments

Payments Industry News Blog

Search the PIN Debit Blog by Subject

Kapersky Calls for Mass Adoption of Card Readers

Kapersky Calls for Mass Adoption of Card Readers