Menu 

Spear phishing attack targeted at BSA officers at US Financial Institutions

Spear phishing attack targeted at BSA officers at US Financial Institutions

By Stephen Heath – Partner and Advisory CISO – Intrinium 

A relatively sophisticated spear phishing attack has been reported by InfoSec journalist Brian Krebs of Krebs on Security that appears to target many US financial institutions, including Banks and Credit Unions.

The pretext of the attack is an email purporting to be from a fellow BSA Officer at another institution reporting that a transaction has been flagged for money laundering and attempts to trick the victim into clicking a link embedded in a PDF. It was initially believed that this attack targeted only Credit Unions, but that has since proven to be incorrect as Banks have been targeted as well by this campaign.

The source of the contact list containing all BSA remains to be seen and could potentially include all registered 314(b) contacts.

Pin It on Pinterest

Share This