Industry News Home More stories like this... RSS Feed

Phishing technique raises more concern for financial organisations

Cyber crooks have devised a new method of ensuring their phishing scams have a greater impact on potential victims by launching attacks that can compromise the online security of secure web sessions.

Banks and financial institutions are the main target of the attack, which involves hackers gaining control of a bank's domain name by compromising domain name systems (DNS) according to Trusteer Ltd.

Amit Klein, the chief technology officer of the company, warns that the 'in-session' attacks have greater chances of success "since they occur after a user has logged onto a banking or other secure website".

"Our research has found that all the leading browsers, based on their design, are vulnerable to this technique."

He went on to urge consumers to "practice safe web browsing techniques especially when accessing financial applications".

Cisco's annual online security report recently warned that online threats were becoming increasingly sophisticated as criminals become even more professional.