Phishing fears follow cyber attack on 200,000 Citigroup customers

9 Jun 2011

The nature of the data stolen in the latest cyber attack that has seen 200,000 accounts – or 1pc of US banking giant Citigroup’s customer base – hacked by a cyber gang will make it easy to create plausible ‘phishing’ emails, users have been warned.

As reported earlier on, hackers successfully infiltrated the servers of Citigroup early last month.

The hackers gained access to account numbers, customer names and contact information. However, other vital information, like social security numbers, card expiry dates and CVV codes, weren’t accessed.

However, security experts warn that enough information has been gleaned to allow hackers to construct and send plausible ‘phishing’ emails in an attempt to con those affected into handing over additional information, which would enable crimes such as card fraud or identity theft.

Watch out for unsolicited contact

“Unsolicited contact claiming to be from your bank or credit-card issuer should be treated with suspicion – even if they appear to have quite a bit of information about you already, and particularly if they want to provide any information over the phone or in the case of an email to do so by replying or clicking on a link,” said Dermot Williams from Threatscape.

“Only contact financial institutions by calling numbers already known to you from sources such as your cards or statements, and only visit their websites by directly entering the address into your web browser.

“Another routine security tip for consumers is to only provide their personal data online to trusted and secure organisations. But with recent breaches affecting major names like Sony and now Citibank, consumers can be forgiven for wondering who they can trust with their data. And as for Citibank – they no doubt will be wondering if in the aftermath of this data breach, their customers will forgive them,” Williams said.

Ron Gula, CEO of Tenable Network Security, said the Citigroup attack demonstrates the need for online services to deploy real-time vulnerability scanning.

“Organisations need to assume that malicious code is going to infiltrate their networks, so what’s needed is a system that will continuously monitor the entire organisation’s network, to immediately flag when there is a compromise, or potential vulnerability discovered from internal or external sources.”

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years