Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] Phishers Hack Bank Sites, Redirect Customers

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] Phishers Hack Bank Sites, Redirect Customers
Date: Wed, 29 Mar 2006 02:40:21 -0600 (CST) 
http://news.netcraft.com/archives/2006/03/27/phishers_hack_bank_sites_redirect_customers.html

By Rich Miller
March 27, 2006

Phishing scammers recently hacked the web sites of three Florida banks 
and redirected their customers to spoof pages, marking an apparent 
milestone in phishers' use of bank web sites to construct more 
credible frauds. Previous scams have managed to manipulate financial 
sites through cross-site scripting and cross-frame content injection, 
but didn;t gain access to the server hosting the banks' site.

Not so for the attack on Capital City Bank, Wakulla Bank and Premier 
Bank in northern Florida. On March 14 hackers were able to break into 
the servers of ElectroNet, a Tallahassee, Fla. service provider which 
hosted the web sites for all three banks. The main business URL for 
the banks' were redirected to identical spoof sites on offshore 
servers, which asked customers to provide their login details.

The intrusion was detected about an hour after it started, ElectroNet 
CEO Allen Byington told the Tallahassee Democrat. Byington said that 
ElectroNet stores no confidential data on its computers and that the 
company was "working closely" with law enforcement agencies 
investigating the incident. The banks' sites were shut down for 
several days, and bank officials said the financial losses were 
"minimal," and that any customers who lost money were reimbursed by 
their respective banks.

Since the attackers redirected bank customers to spoof sites hosted 
elsewhere, this type of attack could be detected by users of the 
Netcraft Toolbar, which displays the name and location of a site's 
hosting service.



_________________________________
InfoSec News v2.0 - Coming Soon! 
http://www.infosecnews.org
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISN] Phishers Hack Bank Sites, Redirect Customers, InfoSec News <=
Previous by Date:  [ISN] Lundquist's Guide To Not Getting Fired for Losing Your Laptop, InfoSec News
Next by Date:  [ISN] Interview: Theo de Raadt of OpenBSD, InfoSec News
Previous by Thread:  [ISN] Lundquist's Guide To Not Getting Fired for Losing Your Laptop, InfoSec News
Next by Thread:  [ISN] Interview: Theo de Raadt of OpenBSD, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]