Washington - Cyber Criminals Using New Tricks For Break-Ins
Washington - Remember all those phony emails that purport to be from your bank, asking you to click on a link and turn over your account information?
Cyber experts say criminals have moved on and are using new methods.
A cybersecurity banking official told a House Financial Services panel Friday that criminals are now sending emails claiming to be from someone other than your bank. Newer scams use The National Automatic Clearing House Association, the Electronic Federal Tax Payment System, the U.S. Postal Service, private delivery firms, telecommunications companies and social media providers.
One thing hasn’t changed. Once an unsuspecting user clicks on a link, he or she is redirected to a server that downloads malicious software onto the victim’s computer. The software captures the user’s online banking credentials as they are typed
Called “phishing,” this tactic involves sending an email that falsely claims to be an established legitimate enterprise in an attempt to trick the user into turning over information.
Michele Cantley, testifying on behalf of the Financial Services Information Sharing & Analysis Center, said that phishing “remains the most popular attack method that criminals use to infect victims’ machines.”
The center is a nonprofit organization funded by financial services companies, commercial banks, credit unions, brokerage firms, insurance companies, exchanges and clearing houses, and payment processors.
She said criminals are also using malicious advertisements, which appear on search engines and prominent news sites. When a user clicks on the link, malware gets downloaded onto his or her computer.
“A more recent method involves fraudulent messages sent from social media sites,” she said. “These may include bogus friend requests, for example, that include links to malicious sites.”
Mark Graff, vice president of the NASDAQ OMX Group, said his organization is not only concerned about rogue hackers or organized crime, but attacks backed by national governments.
“It is not reasonable to expect individual companies, no matter how large or sophisticated, to independently stave off cyberattacks coordinated and backed by a foreign government,” he said. “If our headquarters or our physical infrastructure were under attack from foreign missiles, the U.S. government would work with us to defend our company.
“The same needs to be true for cyberattacks, especially since the U.S. government is equally under attack from these foreign entities.”
NASDAQ OMX Group owns and operates 24 markets, 3 clearing houses, and 5 central securities depositories, spanning six continents.
More of today's headlines“Germany - A Germany team delegation has paid tribute to the victims of the Holocaust at the former Auschwitz-Birkenau death camp. Captain Philipp Lahm, Poland-born...” Germany - Germany Delegation Visits Auschwitz Death Camp “Cleveland, OH - A federal judge has rejected a challenge of the federal hate crimes law by Amish sect leader Sam Mullet and 15 followers charged with beard- and...” Cleveland, OH - Judge: U.S. Hate-Crime Law Also Applies To Violent Disputes Between Different Religions