Dangerous phishing attack targeting clients of Barclays Bank

After yesterday’s warning from PandaLabs about BarcPhish (a mass-mailed phishing attack), the antimalware laboratory now reports that the attack is continuing, with a 1 percent increase in the number of phishing messages targeting Barclays’ clients, although the total number of messages has decreased slightly. Technicians at Panda Software’s laboratory estimate that over the last 24 hours, 68 percent of phishing messages have exclusively targeted Barclays’ clients.
 
After the appearance of 61 variants of the fraudulent message in one day, today five new variants have been detected with different subject fields. New Web domains have also been detected hosting the spoof web pages, two corresponding to servers in Colombia and one in Hong Kong. The latter is no longer active.
 
In line with its policy of offering complete protection to users, PandaLabs, in collaboration with Cyota (an institution providing security services to financial entities), has started taking the action needed to close down any of these servers that remain active. This will prevent users that receive these phishing messages from being able to access the false links displayed in the emails, thereby preventing identity theft and the consequent financial losses.
 
This attack is based on spoof emails which are made to appear as if they have been sent from Barclays Bank. The (random) subjects used include: Barclays bank official update, Barclays bank – Security update, Please Read or Verify your data with Barclays bank.
 
The message (which imitates the corporate image of the bank) asks users to confirm their login details due to a software upgrade and provides a link for them to go to the bank’s website. This link however does not point to Barclay’s web page.
 
According to Luis Corrons, director of Pandalabs “Although it appears that there has been a slight drop in the number of messages, the situation could be repeated at any time. The aim of this attack is to obtain as much confidential data as possible and therefore the culprits could once again mass e-mail these types of messages either to Barclay’s clients or to those of other banks.”
Â