M86 Security claims to have spotted new phishing trend

According to Neale, in recent times, he and his team at M86 have seen a number of phishing emails where the phishers impersonate a third party that may have a plausible reason for interacting with your bank, such as a tax department.

"The phishers then attract victims to a landing page via spam where they are asked to choose their bank from a selection. They are then shown a fake login page for that bank. This increases the chance of a phisher matching a bank to a potential victim", he said.

In one of the latest emails detailed in his security blog, Neale says it suggests the internet user is eligible for a tax refund from HM Revenue and Customs. By clicking the 'Refund Me Now' link they can be on their way to receiving their tax refund.

Following the link takes the recipient to a highly sophisticated phishing landing page that features the logos of 15 banks, each of which is link to a fake banking website that is similar to that banks real website.

This latest attack, says Neale, is almost identical to one seen two months ago in New Zealand.

"This is just another technique cyber criminals are using to increase their returns as people become more aware of how phishing attacks work", he said.

What’s Hot on Infosecurity Magazine?