This new hybrid attack starts with a Banking Trojan which gets on the machine by using social engineering to get in, suspected to be email.
Once the Trojan kicks in, it looks in real time for the word “bank” in the browser and if it sees the end user go to their bank, they redirect the user to a malicious site that looks like that bank and steals their credentials. Up to now this is nothing new.
However, here is the wrinkle…
The Trojan starts to slow down the browser, and simulates “technical problems” with the site for a few minutes. Then it comes up with another popup which asks for their name and phone number so that “support can call them back”.
Next, the end-user gets a phone call from a live bad guy, claiming to be the support team of the bank, who then starts to social engineer the customer real-time and tries to manipulate the end user into divulging more detail so that the bad guy can make an immediate transfer out of the account.
This is the first time that we hear about this nasty variant on the tech support scam, but now looks like it’s tailor-made for a certain bank. You can count on this tactic being used soon for credit unions as well. Not good. Be warned!
Cyber-attacks are rapidly getting more sophisticated. GDR Group will help train your employees to better manage the urgent IT security problems of social engineering, spear-phishing and ransomware attacks. Take the first step now and email firstname.lastname@example.org to request a quote for security awareness training for your organization.