Attack Spotlight: Phishing Emails Mimic Real Banking Messages

Attack Spotlight: Phishing Emails Mimic Real Banking Messages

June 05, 2019
Gretel Egan

Proofpoint researchers are warning of a phishing trend that uses well-known banking brands to trick users into compromising business and personal banking accounts. Our latest Attack Spotlight, available now, provides free, timely content you can immediately share with your end users to help them avoid these types of phishing attacks.

Warn Employees about Trending Bank-Themed Phishing Attacks

Proofpoint threat intelligence has identified recent phishing attacks targeting more than 280,000 inboxes and abusing more than 160 financial brands—and those numbers are only increasing. These credential compromise and business email compromise (BEC) phishing lures are particularly dangerous when they reach privileged users who have access to corporate financial account information, though the attacks have been seen targeting individuals at all organizational levels.

Our Attack Spotlight resources are free to access and distribute to your end users. In each installment of our ongoing series, we offer ready-to-use email content; a security awareness PDF detailing the threat in easy-to-understand terminology; and a short awareness module with action-oriented tips for identifying and avoiding these phishing threats. End users are able to view examples of the attacks that are being distributed, as well as actionable tips that will help them identify and avoid suspicious emails.

Our latest awareness materials inform users of the following:

  • Attackers are using well-known branding (including familiar logos and other design elements) to lend credibility to emails, attachments, and web pages.
  • Attacks could come in the form of fear mongering (such as a warning that there’s a problem with their bank account or transaction) or a fraudulent request for a money transfer or transfer authorization.
  • A successful attack could result in the loss of funds and/or the use of compromised accounts to request fraudulent bank transactions.

Download Our Free Resources Today

These new security awareness materials are now available. If you have not used these tools in the past, be sure to visit our Attack Spotlight archive to access free resources about other trending phishing attacks, including those targeting Office 365, OneDrive, and DocuSign users.