Community bank attacks phishing away from home with BrandProtect

download pdf version of this case study

As with most financial institutions today, online banking has become an integral part of the organization’s service to its customers. As such, the bank’s Information Technology (IT) department has always been very proactive in adopting technologies to prevent fraud and unauthorized access to information.

Other phish in the sea

In early 2008, the bank began receiving complaints of a phishing attack. However, the attacks – which were growing exponentially each day – were targeted at another bank with the same name in another state. According to the bank’s Security Director, “As far as phishing attacks are concerned, the volumes were unbelievable. Although it wasn’t our bank, a lot of customers that were receiving [the fraudulent emails] felt that it was directed at us.”

As a result, the bank’s website was being bombarded with reports from all types of customers – from large corporations to students – of phishing emails appearing in their inboxes. “We ended up spending a lot of time responding to the complaints in order to clarify that it was not our bank and to redirect their complaints to the appropriate bank,” says the spokesperson. “We even provided an email link to the other bank’s site so they could lodge their complaint with the right company.”

While the bank’s IT department continued to respond to the flood of incoming emails, it repeatedly contacted the other bank to check their progress on dealing with the attack, he adds. “Every day we were getting more and more emails. At its peak, we were getting 30 to 50 reports a day. The problem was escalating exponentially, and it seemed that nothing tangible was being done to stem the tide.”

It became evident that even though the attack wasn’t directed at the bank, the organization felt its reputation would suffer adverse effects from all the phishing activity. Its own customers were feeling it was responsible for allowing the attack to continue.

Taking charge of a phishing crisis

The bank decided rather than simply responding to emails and providing links to reports it was time to take the situation in hand. It turned to BrandProtect to deal with the phishing attack at its source. “It was a little out of the ordinary, since the attack was directed at another bank; but the job of handling the phishing email complaints was consuming a lot of our IT resources. We knew BrandProtect had the resources to do the job,” explains the Security Director.

The bank was already a user of BrandProtect’s StrikePhish service since the fall of 2007. This turnkey offering provides community banks and credit unions with a complete end-to-end program to protect against phishing attacks and web-linking threats. Based on BrandProtect’s enterprise-level phishing solution, StrikePhish is tailored to meet the specific security needs of credit unions and community banks, at an affordable price. Services include rapid response to deal with phishing attacks, 24x7 response to abuse email, incident response guidelines, weekly link checking and customer communications.

“When we first looked at an anti-phishing solution, BrandProtect came highly recommended says the Security Director. “They had a reputation for being industry leaders and very proactive.” The bank had worked with BrandProtect on an earlier minor phishing situation involving a single site in Korea. Although the bank had identified the site in question, the IT department had been spending considerable time trying to disable it with no results. “It was like climbing uphill and running into roadblocks every day,” explains the Security Director. When BrandProtect took on the problem, the site was taken down within 48 hours.

(Continue)