Barclays customers targeted by new large-scale phishing attack

COLLAB distinguished with the APDC / Siemens Innovation Award

Barclays customers are being targeted by a new attack phishing which uses a diverse set of variants to reach customers and which is generating the circulation of millions of e-mail messages on the Internet.

Panda Software labs have detected at least 61 variants of emails false, which will have produced a 30 percent increase in the number of emails fraudulent data found by PandaLabs in a few hours.

The messages in question pass through notices sent by the Barclays customer service department and inform the user of an update of software which will be completed with a visit to an Internet address provided to update data.

The form of the message and the sender change in the 61 variants analyzed, in order to circumvent the anti-spam systems, but the final objective is always to ask the customer, in the presence of a form very similar to the bank’s, the account number, the credit card or PIN.

It also changes the site to which the user is directed when accessing the requested update and the email address that sent the message. There are at least five fake domains to intervene in the attack, which makes experts assume that the attack is being carried out from various locations.

«We believe that this could be a coordinated attack, launched in several places simultaneously to spread quickly and collect a considerable amount of confidential bank data in record time,» underlines Paulo Silva, technical director of Panda Software Portugal.

Related News:

2006-08-16 – New phishing attack tries to capture data for Millenniumbcp customers