Computer Superheroes

Cybercriminals Are Creating Fake Banking Websites That Look Like the Real Deal

September 25, 2017 / admin / News

Banking trojans have been around for years. If your computer is infected, the trojan waits until you visit your online banking website. When you do, it redirects you to a malicious website that looks like your bank’s site. If you enter your banking credentials, they will fall into a cybercriminal’s hands.

In the past, you could usually spot a fake banking site by looking at its URL. The fake site would not have the same URL as your real bank’s web address. Plus, the fake site’s URL would start with “http” rather than “https”. The missing “s” means that the site does not have a Secure Sockets Layer (SSL) certificate. All legitimate banking sites use SSL to secure their Internet connections.

Looking for these clues may no longer work, though. In July 2017, cybercriminals started using a Trickbot trojan variant that sends recipients to a fake banking site that looks exactly like the real deal. The fake site even displays the real bank’s URL and SSL certificate.

How Trickbot Might Get on Your Computer

Phishing emails are being used to infect computers with Trickbot. According to the Flashpoint researchers tracking Trickbot, cybercriminals are using a spamming botnet to send out a massive number of these emails in 17 countries, including the United States, United Kingdom, and Canada.

The phishing emails try to get the recipients to open an email attachment. The type of attachment and the pretense used to trick people into opening it vary. For instance, in one campaign, the emails were supposedly from the UK-based Lloyds Bank. Recipients were told to review and sign an attached Microsoft Excel file. To sign it, they had to enable the embedded macro, which initiated a process that loaded Trickbot onto their computers.

How to Avoid Becoming a Victim

Although it might be nearly impossible to distinguish between a real banking website and a doppelganger created by the Trickbot trojan, you can avoid becoming a victim of this scam. All you need is a healthy dose of skepticism and a little knowledge of how to spot phishing emails. An email might be a phishing attack if it contains one or more of these elements:

  • A generic greeting. When cybercriminals send out phishing emails, they send them out to the masses. As a result, they often start the emails with a generic greeting, a simple “Hello”, or no greeting at all.
  • An attachment. Legitimate financial institutions typically do not email files out of the blue. So, unless you specifically requested a document from an organization, be wary of any email attachments. Be especially wary of attached Microsoft Word and Excel files in which you are supposed to enable a macro.
  • A spoofed email address. Phishing emails often include a spoofed email address or name in the “From” field.
  • A sense of urgency. A common tactic to get you to fall for a phishing scam is to create a sense of urgency. Cybercriminals first let you know about a problem that requires your attention. Then, they let you know that there will be unfortunate consequences if you do not take action quickly.
  • A request to update or verify information. To get you to open an attached file or click a link, some phishing emails ask you to update or verify information.
  • A deceptive URL. Phishing emails sometimes include deceptive URLs. A deceptive URL is one in which the actual URL does not match the displayed web address or linked text. For example, the displayed text might specify a legitimate bank name (“U.S. Bank”) or bank web address (“https://www.usbank.com”), but when you hover your mouse cursor over it (without clicking it), you might discover that the actual URL leads to a website in Russia. These deceptive links can lead to fake websites.
  • Misspellings or grammatical errors. Many phishing emails come from cybercriminals in foreign countries, so they might contain misspellings and grammatical errors. Plus, intentional misspellings can sometimes help get emails past spam filters.
