Bitdefender warns that 0.5 per cent of all spam sent worldwide is targeting customers of some of the most popular British financial institutions and services, including PayPal, Lloyds Banking Group, HSBC Holdings and Barclays Bank.
The e-mails are designed to steal critical bank-related data by tricking people into typing in sensitive identification information including banking username and password, credit card number, expiration date, name, and country. Some spam e-mails deliver fake bank forms, while others distribute the infamous Zbot Trojan hidden in attachments allegedly sent by reputable financial institutions.
On average, phishing accounts for 3 per cent of unsolicited e-mails sent worldwide. Last year the UK was the country hit by the highest number of phishing attacks mainly due to the prevalence of internet connections in British households – more than 80 per cent according to the UN’s net-connectivity table. As eager adopters of online banking services, Britons are priority targets for phishing attacks.
Bitdefender’s anti-spam lab found some spammers sharing servers or recipient lists, with spam e-mails targeting Lloyds and HSBC being sent from servers located in countries including Russia, Italy, the US, India, Australia or the United Arab Emirates.
Catalin Cosoi, Chief Security Strategist at Bitdefender, states, “0.5 per cent of phishing e-mails might sound like a small number, but phishing attacks are less random than other types of spam. Some phishers send a message for a few hours, stop to alter the content or attachment to avoid detection and then send it again.”
Bitdefender cites three recent examples of phishing e-mails sent under the guise of UK financial institutions, and advises that consumers should be cautious when opening e-mails purporting to be from financial establishments. A recent message allegedly sent by Lloyds informed users that they had received a new payment and invited users to open a malicious attachment.
A similar message allegedly from HSBC advised of a failed payment yet was designed to deliver Trojan Zbot with the intention of collecting as much financial data from active bank accounts as possible. Barclays’ impersonation notified customers that their accounts had been temporarily suspended and prompted users to fill in data within an attachment in order to reactivate it. This attachment was, however, an executable file designed to retrieve Zeus on their systems.
“As a rule of thumb, remember that banks never ask customers to divulge sensitive data via e-mail,” advises Catalin Cosoi, Chief Security Strategist at Bitdefender. “When in doubt, users should always call the bank or, better yet, go to the nearest branch to ask for more details in person. A good security solution will mark the unsolicited e-mails as spam and block phishing pages as malicious or suspicious.”