Three Florida bank servers hacked

By

An investigation continues into the hacking of three Florida banks' web servers.

The unique attack, which allowed the fraudsters to redirect customers to spoofed sites so they could steal confidential account information, resembled pharming, a variant of phishing, in which cybercriminals redirect legitimate traffic to a bogus web site resembling the real thing.


In this case, users were asked to provide credit card and Social Security numbers to the thieves.

Capital City Bank, Wakulla Bank and Premier Bank were targeted in the scam, the Tallahassee Democrat reported. No arrests have been made, and officials said a "minimal" number of customers were affected. Financial losses were said to be small, and the banks said they will reimburse anybody who had money stolen.

Bob Breeden, head of the Florida Department of Law Enforcement computer crimes division, could not be reached for additional comment today.

The incidents occurred March 14, and the bank's real websites were normally operating two days later, the newspaper reported.

"This new scam is like phishing without the intervening electronic mail step," John S. Quarterman, president of security vendor InternetPerils, said on his Perilocity blog. "Because it is the bank's own web server that is compromised, the customer has even less reason to suspect anything amiss. Fortunately, it should be easy for banks or their hosting providers to stop."

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

CBA using facial recognition logins to verify disputed payments

CBA using facial recognition logins to verify disputed payments

Qantas contacted by "potential cyber criminal"

Qantas contacted by "potential cyber criminal"

SA Power Networks tackles IAM, cloud security under five-year strategy

SA Power Networks tackles IAM, cloud security under five-year strategy

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Log In

  |  Forgot your password?