July 1, 2019
Threat Type
Phishing
Entry Type
Threat Summary
Discovered By
Lookout
Threat Type
Crimeware
Platform(s) Affected
Phishing
Threat Summary
Lookout
Crimeware
Key Facts
- This is a mobile-only phishing campaign.
- Works by guiding bank customers through false account validation.
- All institutions with potentially affected customers were notified upon discovery.
Background and Discovery Timeline
In early 2020, Lookout Phishing AI discovered a malicious phishing campaign targeting North American banking and financial institutions with a particular focus on customers of Canadian-based organizations. The campaign clearly targets mobile users, as it spreads via SMS messages and leads users to fake login pages built for mobile browsers. The back end of the campaign shows that the attacker built a tool to easily blast an SMS message to as many phone numbers as they want, which further indicates a mobile-first attack strategy.
Capabilities and Affected Parties
Lookout researchers dove deeply into this campaign and were able to access the front-end platform that the attackers used to blast SMS messages to potential victims. These messages contain links to fake login pages that appear legitimate. If the victim is tricked, the attacker steals banking credentials by guiding the victims through a number of security questions such as verifying their account number or asking for their card’s expiration date. With that information, they can easily surpass security questions and steal from the victim’s account.
Subscribe to get the latest threat reports and insights
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Other Related Threats
September 15, 2023
Scattered Spider
Scattered Spider, aka UNC3944, was able to successfully target and gain access to the infrastructure of Caesars Entertainment in its latest campaign
July 19, 2023
Lookout Attributes Advanced Android Surveillanceware to Chinese Espionage Group APT41
January 3, 2023