Bank Systems & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


02:24 PM
Connect Directly

"Puddle Phishing" Hits Small Banks, Credit Unions

Phishers are baiting users of smaller banks, a security firm says, calling the practice "puddle phishing."

Phishers are baiting users of smaller banks, a security firm said Monday, calling the practice "puddle phishing."

"In the past, phishers focused on mainstream consumer sites with millions of users, but now the targets are becoming much smaller and more localized," said Dan Hubbard, senior director of security at Websense, in a statement. "By targeting a bank with just a few branches, the number of potential phishing prey is reduced to a much smaller number, sometimes to just a few thousand people. Nonetheless, the fact that we are seeing more and more of the smaller financial outlets being targeted by phishing attacks may indicate that this is a highly profitable scam."

San Diego, Calif.-based Websense has spotted more than 30 scams involving small-scale credit unions since the first of the year, Hubbard added, some of which have as few as 11 branches. One scheme targeted a credit union that serves employees and staff of the White House.

While the size of these targets may differ from mainstream phishing, the attack techniques are the same. "The style and dynamics are very similar on many of these recent puddle phishing attempts, which may mean that there is some tool sharing or a small amount of attackers behind this recent wave," said Hubbard.

And even though they're small, credit unions and local banks certainly fit the profile of phishing attack victims. In April, the most recent month for which there is data from the Anti-Phishing Working Group, 84 percent of the brands phished were from the financial services sector.

Comment  | 
Print  | 
More Insights
Register for Bank Systems & Technology Newsletters
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.