Live Chat Added to Online Banking Platform for Community Financial Institutions
The latest RSA AFCC report highlights a new, unique phishing attack called "Chat-in-the-Middle". It is targeted against online banking customers and it is executed through routine means but then presents a more advanced layer of perpetrating online fraud. The phishing attack may dupe bank customers into entering their usernames and passwords into an ordinary phishing site but the addition of a bogus live chat support window can obtain even more credentials via a live chat session initiated by fraudsters.
During the live chat session, the fraudster behind the attack presents himself as a representative of the bank's fraud department and attempts to dupe customers who are online into divulging sensitive information - such as answers to secret questions that are used for online customer authentication. This attack is currently targeting a single US-based financial institution.
0 comments