Is Your Bank Account Safe From the Latest Phishing Scam?

By on

Cybercrooks are at it again, and this time they’re going after bank accounts in Europe and Asia.

According to a new report from Trend Micro, a computer security company, hackers have bypassed banking protections and accessed online accounts in Japan, Sweden, Austria and Switzerland. American banks haven’t been affected – not yet, anyway.

If you’re like me, cybersecurity and tech talk can cause your eyes to glaze over. But it’s very important to know how to protect yourself.

From our Solutions Center: Find a better checking account in seconds

This latest scam bypasses the two-factor authentication system at banks, which typically requires people to input a password and then enter a second one-time password, which they receive by email or text. Entering two passwords is supposed to make it more difficult for criminals to hack consumers’ accounts, The New York Times said.

In theory, it sounds great. Unfortunately, hackers have found a hole. Because of this, Trend Micro dubbed the new online banking attack Operation Emmental – because online banking protections, like Swiss cheese, are full of holes.

According to Credit.com, Operation Emmental’s approach is unconventional.

The attack exploited what some would consider the weakest link in the chain when it comes to security — the users themselves. That’s right, the scammers circumvented any security protections that were in place at the financial institutions by going directly to the customer base.

Here’s how the scam works: A consumer receives a phishing email that appears to be from the bank or a trusted retailer. Consumers who click on the links in the emails inadvertently allow malware to be installed on their computer or other device.

When the unsuspecting consumer tries to log on to their banking page online, they are redirected to a fake site. So when the user enters personal information – username, account number, PIN – the hacker gets that info. Then the phony site prompts the user to install an app to complete the transaction. After the app is installed, the cybercrooks have all the information they need to clean out victims’ bank accounts.

Although Operation Emmental hasn’t hit the U.S. yet, it could. According to JD Sherry, vice president of technology and solutions for Trend Micro, Europe has more security in place than the U.S.

Sherry told Credit.com:

Many U.S. banks are still slow to implement multifactor authentication, especially as it pertains to mobile banking. This should be of great concern for the entire financial community. As we see most often with sophisticated criminal campaigns such as Operation Emmental, testing will be conducted against various financial institutions across the globe to determine success rates before putting the crosshairs directly on the U.S. financial sector.

Follow these tips to protect yourself against all phishing scams:

  • Don’t click. Think twice before opening attachments or clicking on email links, especially if you don’t recognize the sender. That’s an easy way for you to unknowingly download malware.
  • Use spam filters. Oftentimes spam filters can fish out any unwanted emails before they hit your inbox.
  • Be cautious. If you think an email you received from a company is legit, call the company directly to check on the validity of what you received. It’s better to be safe than sorry.

Have you fallen victim to a phishing scam? Share your thoughts below or on our Facebook page.

Sign up for our free newsletter

Like this article? Sign up for our newsletter and we'll send you a regular digest of our newest stories, full of money saving tips and advice, free! We'll also email you a PDF of Stacy Johnson's "205 Ways to Save Money" as soon as you've subscribed. It's full of great tips that'll help you save a ton of extra cash. It doesn't cost a dime, so why wait? Click here to sign up now.

Check Out Our Hottest Deals!

We're always adding new deals and coupons that'll save you big bucks. See the deals to the right and hundreds more in our Deals section.

Click here to explore 1,373 more deals!

Comments & discussion

We welcome your opinions, but let’s keep it civil. Like many businesses, we reserve the right to refuse service to anyone. In our case, that means those who communicate by name-calling, racism, using words designed to hurt others or generally acting like an uninformed bully. Also, comments that include links to email addresses or commercial websites typically aren't posted. This isn't a place to advertise your business.

  • shondell mann

    This is exactly what I mean most people would not believe, that clicking on to e-mails for the purpose of satisfying curiosity, is enough to cause havoc. We must believe that there are plenty false service providers, and they are as hungry as quick sand ready to devour any unsuspecting prey!

    • katep864

      Maria . you think Leonard `s storry is inconceivable,last thursday I bought a great Alfa Romeo from having made $4878 this last five weeks and-even more than, 10-k this past-munth . this is certainly the coolest job I have ever had . I began this 9-months ago and almost immediately began to make more than $75 per-hour . For more information click FINANCIAL REPORT in ………. PAYRAP.ℭℴℳ

  • katep864

    nice