Banking & finance

Cyberattacks strike international bank

  • 2 November 2011
ICC Cybersecurity

Commercial Crime Services (CCS), ICC's crime fighting unit, has learned of a recent spate of cyber attacks aimed at the databases of a major US bank. CCS is warning individuals and bank account holders to take all the necessary precautions to protect themselves, as threats of this nature continue to plague financial institutions and their customers.

The affected financial institution discovered that its customers were receiving illegitimate e-mails and other Internet messages from fraudsters. The Internet messages took several different forms, each attempting to solicit personal banking information such as credit card numbers or bank account numbers. Criminals illegally pursuing financial information over the Internet are becoming increasingly sophisticated. One common approach is to send a “phishing” e-mail that tells customers that their bank account has been frozen or their credit card cancelled. Concerned about their banking status, customers unwittingly provide important financial information, which is then exploited by criminals. “Phishing” e-mails are only one of a growing number of frauds Internet users face. Pop-up windows requesting information, and e-mails containing hyperlinks to very authentic- looking but illegitimate websites are also among the tactics used by on-line criminals. CCS Director Pottengal Mukundan advised: “Legitimate banks do not request confidential information like personal identification numbers via e-mail. Individuals who receive “phishing” e-mails or other suspicious messages should not respond or provide any information. Contacting your financial institution and reporting the incident is the best course of action.” In addition to being wary of unsolicited e-mails, Internet users also have a number of protective measures at their disposal. Using up-to-date anti-virus and firewall software can help prevent unwanted pop-up windows and viruses. Anti-virus and firewall software should be regularly updated and current. Individuals who have received suspicious e-mail should contact their financial institution using a telephone number they know to be genuine and verify the e-mail. Mr Mukundan added: “CCS wants to remind Internet users to be vigilant in the protection of both their personal and business information. If you feel any uncertainty, do not provide any personal banking details via e-mail, pop-up window, or website.”