Phishing takes a new turn


The hackers behind the rising tide of phishing attacks are, it seems, taking a new approach. Reports from the US say that the Web portals of three Florida banks were hacked into recently, redirecting customers to a bogus portal in an attempt to extract customer information.

According to the Tallahassee Democrat newspaper, ElectroNet Intermedia Consulting, the Florida-based ISP that hosts the Web sites of Capital City Bank, Wakulla Bank and Premier Bank, reported that the sites had been hacked into on March 21 for a period of about an hour.

The paper says that the Florida Department of Law Enforcement is currently investigating the case, but that no arrests have yet been made.

According to John Quarterman, the CEO of InternetPerils Inc., a Web site that tracks Internet scams, the hackers gained unauthorised access to two servers running Microsoft IIS and planted a script required to redirect people from the banks' legitimate sites to a bogus portal.

"This new scam is like phishing without the intervening electronic mail step," said Quarterman in his blog.

"Because it is the bank's own Web (hosted, in this and no doubt many other cases) server that is compromised, the customer has even less reason to suspect anything amiss," he added.

The hacking technique should be easy to spot, however, if the ISP frequently runs - as all good ISPs should - an automated series of tests that checks that visitors are being routed to the correct URLs.
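The kind of automated test described above, as an added example (not from the original article or from the ISP involved): it inspects each monitored page's response for HTTP, meta-refresh and script redirects and flags any target outside the bank's expected hosts. The host names and sample responses are constructed placeholders.

```python
import re
from urllib.parse import urljoin, urlparse

# Client-side redirect forms a planted script or tag could use.
META_REFRESH = re.compile(
    r'<meta[^>]+http-equiv=["\']?refresh["\']?[^>]*url=([^"\'>\s]+)', re.I)
JS_LOCATION = re.compile(
    r'location(?:\.href)?\s*=\s*["\']([^"\']+)["\']'
    r'|location\.(?:replace|assign)\(\s*["\']([^"\']+)["\']', re.I)

def redirect_targets(url, status, headers, body):
    """Absolute URLs this response would send a browser to."""
    headers = {k.lower(): v for k, v in headers.items()}
    found = []
    if 300 <= status < 400 and "location" in headers:
        found.append(headers["location"])
    found += META_REFRESH.findall(body)
    found += [a or b for a, b in JS_LOCATION.findall(body)]
    return [urljoin(url, t.strip()) for t in found]

def off_site_redirects(url, status, headers, body, allowed_hosts):
    """Redirect targets whose host is outside the expected set."""
    return [t for t in redirect_targets(url, status, headers, body)
            if (urlparse(t).hostname or "").lower() not in allowed_hosts]

# Constructed sample responses (status, headers, body); hosts are placeholders.
ALLOWED = {"www.bank.example", "bank.example"}
SAMPLES = {
    "http://www.bank.example/": (200, {}, '<a href="/login">Log in</a>'),
    "http://www.bank.example/online": (302, {"Location": "/online/"}, ""),
    "http://www.bank.example/login": (200, {},
        '<script>window.location="http://portal.bogus.example/login";</script>'),
    "http://www.bank.example/home": (200, {},
        '<meta http-equiv="refresh" content="0;URL=http://portal.bogus.example/">'),
}

def run_checks(samples=SAMPLES, allowed=ALLOWED):
    """Map each monitored URL to its off-site redirect targets, if any."""
    report = {}
    for url, (status, headers, body) in samples.items():
        bad = off_site_redirects(url, status, headers, body, allowed)
        if bad:
            report[url] = bad
    return report

if __name__ == "__main__":
    for url, targets in run_checks().items():
        print(f"ALERT {url} -> {', '.join(targets)}")
```

The patterns only catch plainly written redirects; a script that builds its target dynamically would need a check that loads the page in a browser and compares the final URL against the same host list.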

This latest scam is, says Quarterman, very difficult for customers to detect, as the bank site looks just like it always did.

The paper says that, although the banks are not saying how much dosh was lost or how many customers were affected, they are reimbursing the affected customers.

All very reassuring. But what would happen if a major bank's Web site was hacked for a long period of time? The losses could be significant. Would the customer get reimbursed then?

All in all, a worrying case and one that highlights the need for two-factor authentication when accessing e-banking services...