Chinese Bank Hosts Phishing Sites

Netcraft, a provider of internet security services and research, is reporting that a recent batch of phishing web sites targeting Chase Bank and eBay were hosted by state-owned Chinese Construction Bank. This apparently is the first time a bank’s servers have been used to attack another bank.

The phishing emails were sent out in mid-March offering $20 for users to fill out a survey. As part of the survey, users were asked for their account username and password, credit card number, PIN, and security number as well as their SSN and mother’s maiden name. The phishing pages were hosted on an IP address assigned to China Construction Bank, Shanghai Branch.

It’s unclear if the attack was generated by the bank itself, by one of its employees, or by someone who had compromised the bank’s servers.

Read more on the Netcraft site…

Author: Richard Patterson

Share This Post On

Submit a Comment