Widespread Phishing Campaign Targets Financial InstitutionsAaron Higbee of Cofense Describes Recent Necurs Botnet Attack
A phishing attack on Wednesday targeted at least 2,700 banking institutions of various sizes in the U.S. and around the world, explains Aaron Higbee, CTO and co-founder of Cofense, which detected the attack.
Cofense's discovery of the shift in behavior of the Necurs botnet is unlikely to be related to the imminent ATM jackpotting attack for which the FBI has issued a warning, Higbee says in an interview with Information Security Media Group. But the global phishing campaign could be the prelude to some sort of broader attack, he adds.
"If I was a cybercriminal who had an interest in doing one of these large ATM jackpotting schemes, one of the foundational things that I would have to do first is have a list of compromised banks, and that would give me access to account numbers and maybe even the ability to alter the withdrawal limit," Higbee says.
In this interview (see audio link below photo), Higbee also discusses:
- Details of the behavioral shift of the Necurs botnet to focus on phishing financial institutions;
- The unique attributes of this phishing attack;
- Preventive measures that banks should deploy.
Higbee is the co-founder and CTO of Cofense, formerly known as PhishMe. He previously co-founded Intrepidus Group and served as principal consultant for McAfee's Foundstone division.