Dozens of Russian Banks Phished By Crooks Pretending To Be FinCERT

itwbennett writes: CSO Online's Steve Ragan reports that dozens of Russian banks were targeted this week by meticulous attackers who formatted a Word document 'to look like a legitimate FinCERT bulletin – suggesting that the attackers took their time to learn proper protocol and standards. A remarkable feat, considering FinCERT notifications are usually not for public consumption,' says Ragan. The attackers also were reportedly particular about their messages and to whom they were addressed. They even timed the email campaign to coincide with the lunch rush, presumably thinking that workers hurrying to get out of the office would be less cautious. Their only misstep, in the form of a grammatical error, came the next day when they sent the message out to hundreds more banks.

can you say...

[sociocapitalist]

Inside job?

Aren't most Russian hackers only free because...

[He Who Has No Name]

...of an informal "no Russian" understanding with Moscow?

I suspect this may get them unwanted attention.

Re:

It's quite a long stretch to assume that the hackers were Russian. Perhaps they were, but it's more likely that they pulled this off from abroad for safety reasons.

Re:

[Coren22]

Do the Russian banks even have any foreign currency left? Who else would want some rubles.

Wait..

[invictusvoyd]

Macros , flash and remote assistance in banks . whats missing ?

Default passwords.

What's FinCERT?

[wonkey_monkey]

So what's FinCERT when it's at home?

No, I can't just Google it. Lazy editor is lazy.

Jealousy

[TechyImmigrant]

I envy the smooth, we polished phishes some people get. I just get crappy "Update your PayPol Urgent!"

Sciences AND Arts

[taliesinangelus]

Their only misstep, in the form of a grammatical error, came the next day when they sent the message out to hundreds more banks.

Should have studied more than STEM!