Financial services companies have always been primary targets for scammers, with account takeover the ultimate prize. If successful, phishing scams on digital banks reward attackers with sensitive data they can use for financial gain, identity theft or brand damage.
With this in mind, Segasec monitored several prominent digital banks between Oct. 17 and Nov. 5. The research uncovered hundreds of dangerous URLs and many live attacks. Following is data on three targeted brands.
As background, Segasec was looking for suspicious URLs, “suspect” assets that might signal imminent attacks and, of course, attacks in progress. Segasec acted without insider knowledge—none of the monitored companies were Segasec customers.