RSA: UK banks still a favourite target for phishers

Financial institutions in the UK accounted for nine per cent of the global phishing attacks against banks, according to the latest online fraud report by RSA.

However, this figure is dwarfed by the number of banks in the US attacked by phishers. Nearly three quarters (70 percent) of all financial organisations targeted by online fraudsters were based in the states.

“Banks in the UK are an attractive target to phishers because the payment systems in the country are very good and efficient,” said Uriel Maimon, senior researcher at RSA.

“There is also the high adoption of card-not-present payments, and that means that there are a lot of fraud victims. The payment systems in the UK are set to get even faster, with instantaneous transactions, which is only going to make the situation worse.”

The US also dominates the chart of malware-hosting countries. The number of attacks originating there increased last month to 59 percent, according to the report. Hong Kong hosted ten per cent of attacks and came in second place, followed by Germany with eight per cent.

The research also discovered a new type of phishing kit last month. The set is a single file that creates a phishing site on a compromised server once it is double-clicked, researchers at RSA’s Anti-Fraud Command Centre (AFCC) said.

Unlike traditional phishing kits, the new “plug-and-play” tools automate the website installation process. The kit is a single PHP code file, which is run on the compromised server once and automatically creates the relevant directories and installs the malicious files.