Hackers Tap Banks' Web Sites In Unique Phishing Attack
vny!://www.internetweek.cmp.com/showArticle.jhtml?articleId=184401150
By Antone Gonsalves
In an unusual form of phishing, hackers cracked the computers hosting the Web sites of three Florida banks, redirecting banking customers to a bogus homepage in order to steal account information and other personal data.
ElectroNet Intermedia Consulting, the Tallahassee, Fla., service provider that hosts the sites of Capital City Bank, Wakulla Bank and Premier Bank, told the Tallahassee Democrat newspaper that the scam was spotted within an hour after it started March 21, and the sites were shut down for a short period.
The Florida Department of Law Enforcement was investigating the case, and no arrests had been made. Neither the FDLE nor ElectroNet was immediately available for comment.
The incident marked a new tactic in phishing, a form of deception in which crooks use spam to lure people to bogus banking sites to enter passwords and other personal information, said John Quarterman, chief executive of Austin, Texas-based InternetPerils Inc., which tracks Internet scams.
The hackers entered two servers running Microsoft Internet Information Services and planted the script needed to redirect people from the banks' legitimate sites to a bogus one, Quarterman said in his blog.
According to the Democrat, when people clicked on the fake page to get to their accounts, they were sent to another bogus page requesting the personal information.
"This new scam is like phishing without the intervening electronic mail step," Quarterman said. "Because it is the bank's own Web (hosted, in this and no doubt many other cases) server that is compromised, the customer has even less reason to suspect anything amiss."
The trick, however, should be easy to detect, if the service provider frequently runs automated tests that compare URLs to what they should be, Quarterman said.
"It is, unfortunately, very hard for bank customers to detect, since the bank site looks just like it always did," he said.
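The automated test Quarterman describes, one that compares a page's URLs to what they should be, could look like the sketch below. It is an added example, not code from the article, Quarterman or ElectroNet; the host names, the allowlist and the sample pages are constructed assumptions, and it only covers redirects visible in the served HTML (links, form targets, meta refresh, inline script).

```python
import re
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Tag attributes that send a browser (or submitted form data) to another URL.
URL_ATTRS = {"a": "href", "form": "action", "script": "src", "iframe": "src"}
JS_REDIRECT = re.compile(r"location(?:\.href)?\s*=\s*['\"]([^'\"]+)['\"]")
META_URL = re.compile(r"url\s*=\s*['\"]?([^'\";\s]+)", re.I)

class TargetCollector(HTMLParser):
    """Collect every URL a page can send its visitor to."""
    def __init__(self, base_url):
        super().__init__()
        self.base_url, self.targets, self.in_script = base_url, [], False

    def add(self, kind, url):
        self.targets.append((kind, urljoin(self.base_url, url)))

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        self.in_script = tag == "script"
        if attrs.get(URL_ATTRS.get(tag, "")):
            self.add(tag, attrs[URL_ATTRS[tag]])
        if tag == "meta" and (attrs.get("http-equiv") or "").lower() == "refresh":
            match = META_URL.search(attrs.get("content") or "")
            if match:  # redirect that needs no click at all
                self.add("meta-refresh", match.group(1))

    def handle_endtag(self, tag):
        self.in_script = False

    def handle_data(self, data):
        if self.in_script:  # inline script that assigns window.location
            for url in JS_REDIRECT.findall(data):
                self.add("js-redirect", url)

def unexpected_targets(html, base_url, allowed_hosts):
    """Return (kind, url) pairs that point at a host outside allowed_hosts."""
    collector = TargetCollector(base_url)
    collector.feed(html)
    hosts = ((kind, url, urlparse(url).hostname) for kind, url in collector.targets)
    return [(kind, url) for kind, url, host in hosts if host and host not in allowed_hosts]

# Constructed sample pages; the hosts are placeholders, not from the article.
ALLOWED = {"www.bank.example", "login.bank.example"}
CLEAN = '<a href="/rates.html">Rates</a><form action="https://login.bank.example/signin"></form>'
TAMPERED = CLEAN + '<script>window.location = "http://203.0.113.7/bank/index.html";</script>'

if __name__ == "__main__":
    for kind, url in unexpected_targets(TAMPERED, "http://www.bank.example/", ALLOWED):
        print(f"ALERT {kind}: {url}")
```

Run on a schedule against each hosted homepage fetched from outside the hosting network, a non-empty result is the signal to alert on.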
The banks are not saying how many customers were duped, or how much money was taken, the newspaper said. People who lost money in the scam were reimbursed.
Walter Dobson, president of Wakulla Bank, told the Democrat that ElectroNet and several online customers who suspected something was wrong with the site notified him of the break-in. Wakulla has offices in three Florida counties.
Capital City has offices in Florida, Georgia and Alabama; and Premier Bank has offices in Tallahassee.
While the latest scam may not reap a lot of money from each bank, crooks can do well in the long term by hacking into a lot of little banks, Quarterman said.
"If they do this successfully to a few hundred small banks scattered around the world, they can make enough money to retire and disappear," he said.