Phishers Hack Bank Sites, Redirect Customers

["Fergie" <fergdawg () netzero net>]

Via Netcraft.

[snip]

Phishing scammers recently hacked the web sites of three Florida banks and redirected their customers to spoof pages, 
marking an apparent milestone in phishers' use of bank web sites to construct more credible frauds. Previous scams have 
managed to manipulate financial sites through cross-site scripting and cross-frame content injection, but didn;t gain 
access to the server hosting the banks' site.

Not so for the attack on Capital City Bank, Wakulla Bank and Premier Bank in northern Florida. On March 14 hackers were 
able to break into the servers of ElectroNet, a Tallahassee, Fla. service provider which hosted the web sites for all 
three banks. The main business URL for the banks' were redirected to identical spoof sites on offshore servers, which 
asked customers to provide their login details.

The intrusion was detected about an hour after it started, ElectroNet CEO Allen Byington told the Tallahassee Democrat. 
Byington said that ElectroNet stores no confidential data on its computers and that the company was "working closely" 
with law enforcement agencies investigating the incident. The banks' sites were shut down for several days, and bank 
officials said the financial losses were "minimal," and that any customers who lost money were reimbursed by their 
respective banks.

[snip]

http://news.netcraft.com/archives/2006/03/27/phishers_hack_bank_sites_redirect_customers.html

- ferg


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.