Mobile phishing attacks on US institutions revealed (video)

24 Apr 2015

Research from AdaptiveMobile appears to show a worrying amount – although decreasing – of phishing attacks on US financial institutions, with anything from credit unions to major banks in the crosshairs.

The security company’s graphic of the report is quite revealing, showing a timeframe of phishing attacks heading from coast to coast late last year.

Initially, multiple banks in Pennsylvania and Indiana come under attack, before it spreads a little west. Credit unions and banks in New Jersey were then hit big time over Christmas and New Year, before multiple banks were hit on Martin Luther King weekend.

The visualisations demonstrate the solar-flare-like patterns of regional bank attacks, which show how local bank customers are being scammed by the heavy use of local cell numbers to perpetrate attacks.

As the company explained in its presentation at the RSA Conference the other day, the number plan in the US doesn’t help; because mobile and landline numbers are pretty much determined by geographical location, it is far easier for mobile spammers and phishers to target local areas.

In general, the eastern states received the most attacks, with an interesting development showing what time of day these ‘flares’ are sent. They peak around midnight, before plummeting throughout the day, rising to a high point around 8pm and staying high until 1am the following morning.

Another interesting finding was that, on the west coast, larger financial institutions were targeted. This is one of the first times that an attack of this sort has been represented visually, and it provides a powerful insight into the changing patterns and methods of cyber-criminals.

Overall volumes from these spammers are dropping due to faster detection techniques, although the reduction in overall attacks still allows for a rise in more ‘noticeable’ ones.

And phone users should know, at this stage, not to respond to erroneous texts from their banks — it’s probably not actually them…

Bank hack image, via Shutterstock

Gordon Hunt was a journalist with Silicon Republic

editorial@siliconrepublic.com