Click to return to BOL home page
Banker Store eCard Exchange Vendor Connect Career Connect Learning Connect Bankers Information Network
Home Compliance Lending Operations Security Marketing Technology/eBanking
Top Stories Bankers' Threads BOL Conferences CrimeDex Em@il Education FREE Briefings Record Retention

   

















    Site Map

    Our Sponsors

    Home


Print Friendly! Email This Article! Discuss NOW!



Phishing Scams Continue Around the Globe
Banks in U.K, Canada Are Latest Targets

by Michele Petry


Just days after the OCC issued guidance to U.S. financial institutions, customers of Barclays Bank in Great Britain, BMO Bank of Montreal and Toronto-based Mouvement des Caisse Desjardins were struck with a similar style of "phishing" email scam.

In all three cases, cyber-fraudsters sent email messages which were designed to appear as if they originated from the bank. The email contained a link to what looked to be the bank's Web site, but was in fact a spoofed Web site.

Customers were then prompted to enter personal information such as passwords and personal identification numbers, which could then be used by the hackers to compromise customer accounts.

In the case of one of the Canadian institutions hit by the scam, officials were able to quickly locate and shut down the spoofed Web site. However, that did not deter the persistent hackers from sending out a second email, again purportedly from the bank. This time the email said the hackers had been caught but in the process their personal information might have been deleted, and asked them to resubmit their information.

While the latest reports of "phishing" affected non-U.S. financial institutions, these incidents are on the rise. Citibank was a recent victim of a phishing expedition (see our article entitled Information Security Involves Customer Service, Too: Is your call center staff prepared? ).

Financial institutions need to educate their customers about the manner in which they will or will NOT request information from their customers.

The OCC offers financial institutions the following advice and suggestions for protecting against "phishing" scams:
  • Provide notices on Web sites reminding customers that the bank will never request confidential information through email and to report any such requests to the bank.
  • Print warnings and notices on customer statements or other paper mailings.
  • Maintain current Web site certificates and describe how the customer can authenticate the bank’s Web pages by checking the properties on a secure Web page.
  • Refer customers to or use Federal Trade Commission (FTC) resources to develop educational brochures to explain the red flags and risks of identity theft.
Related article:
Information Security Involves Customer Service, Too: Is your call center staff prepared?

First published on BankersOnline.com 9/18/03


Home | Compliance | Lending | Operations | Security | Marketing | Technology | eBanking
BOL Archives    Privacy Policy    Important Disclaimer   Recommend This Site !   Contact Us


BankersOnline is a free service made possible by the generous support of our advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all banking professionals. Support our advertisers and sponsors by clicking through to learn more about their products and services.