Phishing that is targeted at a small company.
Scary statistics about Internet security were the subject of another speaker, David Culbertson, vice president, research and development, for Computer Services Inc. in Paducah, Ky.
There is a new phishing technique called "puddle" phishing being employed against community banks, which are the "puddle" since they are a smaller target that has been off the phishers' radar screen until now, he explained. While large banks have done a good job of educating their customers against phishing attacks, community and regional banks have not done so well.
Bill Poquette, "Nebraska Independent Community Bankers," Bank News, December 1, 2005
Traditional phishing is when spammers send users official-looking e-mail messages to request such data as social-security numbers or passcodes, and threaten to deactivate, block or restrict users' accounts if they do not update their personal information. Until now, the practice has largely been directed at customers of large, multinational banks. But according to Websense Security Labs, which reports on Internet security threats, the number of small credit unions targeted by puddle-phishing scams have tallied more than 30 since the beginning of the year. At least one of the community banks targeted has only 11 branches, while another puddle-phishing attack targeted a credit union that serves employees and staff of the White House.
"Phishing Flows Downstream," VAR Business, August 8, 2005
Websense, Inc. (NASDAQ: WBSN), the world's leading provider of employee internet management solutions, today announced that phishing scams are increasingly being directed at smaller, more targeted groups, including local banks and credit unions. Websense® Security Labs™ coined the term "puddle phishing" to describe the phenomenon of targeting customers of small financial institutions.
"Puddle Phishing: Small, Local Institutions Now Targeted by Online Fraud," Websense Press Release, June 13, 2005