Technology
Cybercriminals Target JP Morgan Chase
Customers at JP Morgan Chase are being targeted in an elaborate email phishing scam that attempts to collect data for the bank as well as infecting the computer with a virus that steals passwords from other institutions, reports Reuters.
Clients at JP Morgan Chase & Company are being targeted in an elaborate email phishing scam that attempts to collect data for the bank as well as infecting the computer with a virus that steals passwords from other institutions, Reuters reports.
A campaign called “Smash and Grab” was launched on Tuesday with a widely distributed email that requests users to click to view an urgent message from JP Morgan.
JP Morgan confirmed to this publication that spammers had launched a phishing campaign targeting its customers.
"It looks like they sent it out to lots of people in hopes that some of them might be JP Morgan Chase customers,” a spokesperson said.
JP Morgan said that the email looked authentic as the attackers had used a screen grab from an original email from the bank, but believed that most of the spam was stopped by filters at large internet providers.
Users are asked to click on a link that then asks for their details. Even if they do not enter them, the site attempts to install the Dyre banking Trojan.
Dyre is a new banking Trojan that can bypass encryption to steal account credentials and has been targeting account holders of certain banks in particular, including CitiGroup, Bank of America, RBS Ulsterbank and NatWest. According to firms analyzing the threat, it is part of a completely new family of malware.
Wealth management companies based in the UK, US and Germany are the prime targets for hackers hunting monetary rewards.
The hackers often work together in what are known as “cyber syndicates” – 100-man teams focused solely on breaking down corporate security systems. And evidence shows they are becoming increasingly more sophisticated, recently developing a practice commonly known as “spear phishing”. For a recent article on threat cyber criminals pose to the wealth management industry, click here.