8-25-14 An attack targeting JP Morgan and Chase Customers in the United States

“Diligence is the mother of good fortune and idleness, its opposite never brought a man to the goal of any of his best wishes.”

-Miguel De Cervantes


JPMorgan Chase customers targeted in massive phishing campaign

http://www.scmagazine.com/jpmorgan-chase-customers-targeted-in-massive-phishing-campaign/article/367615/

http://www.darkreading.com/jp-morgan-targeted-in-new-phishing-campaign/d/d-id/1306589?

C-IT Recommendation

  1. Provide social engineering awareness for your customers. Ensure you communicate specifically how your organization will communicate with them. Post your communication policy on your company’s website.  Warn them that any other forms of communication should be held in suspicion.
  2. Ensure your organization has a contact number on your website to reference so customers can validate contact numbers provided in correspondence that appear to come from your organization.
  3. Establish fraud monitoring services for your customers that baselines his/her account activity and alerts the customers when activity is out of bounds of their normal habits with your organization

Article Resources

Proofpoint’s Analysis of J.P Morgan and Chase Attack

http://www.proofpoint.com/threatinsight/posts/smash-and-grab-jpmorgan.php

 

Leave a Reply

Your email address will not be published. Required fields are marked *