October 13, 2008
SonicWALL Identifies First Threats of Phishing Attack on Banking Customers During the Economic Crisis and Bank Turmoil
SUNNYVALE, Calif., Oct. 13 /PRNewswire-FirstCall/ -- Late last week SonicWALL, Inc. , a leading secure network infrastructure company, saw the first phishing threat to hit inboxes related to the banking-related crisis. The first threat targeted at Washington Mutual and Chase Manhattan online banking customers asks customers to verify their personal information using a dummy Chase website. If you are a Chase Manhattan or Washington Mutual customer and receive this type of email, you may be the victim of a phishing attack. Do not click on the link in the email and contact your bank immediately.
"We continuously monitor spam and phishing feeds for new threats. Given that scammers will often take advantage of topical subjects, we expected to see the recent banking industry shuffling generate phishing and other threat related emails. The Chase Manhattan phishing email hitting banking customer inboxes is a prime example," said Andy Klein, Sr. Product Manager, SonicWALL. "The merger and acquisition activities of Bank of America, Wachovia, Chase Manhattan, Washington Mutual and other banking institutions create an environment of confusion and inconsistency that scammers thrive upon. Banking customers will see a series of phishing emails asking for personal and financial details over the coming months and it is imperative to stay alert during this period of uncertainty."With the rapid nature of the merger and acquisition activity in the financial sector that happened over the last few weeks and the lack of communication between financial institutions and their customers, phishers and hackers have an ideal opportunity to prey on uninformed banking customers. Information phishers seek varies -- anything from credit card information to account login info, to identity information. It can vary from attack to attack. In all cases, the phishing email will always direct the customer to a web site that looks like the real thing, but is not. Usually it is the "log in" page for that site. When someone enters their information it is usually sent to a "blind drop" -- another system somewhere whose purpose is to collect the information. The phisher will check the blind drop or at intervals will have the blind drop send the information to the phisher. The idea is to put as much distance between the phish and the phisher as possible.
As a precautionary measure, Andy Klein has outlined eight steps that banking customers could take to help further defend against these types of phishing-related security threats:
1. Be aware that phishing exists. 2. Improve your phishing IQ. SonicWALL has put together the phishing IQ test specifically to test your phishing knowledge. Go to: http://www.sonicwall.com/phishing/ 3. Understand how your bank communicates with you -- e-newsletter once a month, etc. 4. Assume that email that either directly asks or indirectly asks for your account, financial, or identity information is not good. 5. If you do online banking, always type in the bank URL into your browser or set up a "favorite", don't click on a link in an email. 6. If you have a question about an email, contact the bank using the phone number written down on the MAIL they sent you -- don't trust the phone number in the email. 7. Check your credit card statements for incorrect expenses. 8. If you suspect that you were phished, contact your bank immediately.
For more information on the topic of phishing and other related threats, go to: http://www.sonicwall.com/us/products/Email_Security_Anti-Spam_67.html
About SonicWALL, Inc.
SonicWALL is committed to improving the performance and productivity of businesses of all sizes by engineering the cost and complexity out of running a secure network. Over one million SonicWALL appliances have been shipped through its global network of ten thousand channel partners to keep tens of millions of worldwide business computer users safe and in control of their data. SonicWALL's award-winning solutions include network security, secure remote access, content security, backup and recovery, and policy and management technology. For more information, visit the company web site at http://www.sonicwall.com/.
Safe Harbor Regarding Forward-Looking Statements
Certain statements in this press release are "forward-looking statements" within the meaning of the Private Securities Litigation Reform Act of 1995. The forward-looking statements include but are not limited to statements regarding forecast levels for banking spam emails, trends associated with the use of banking spam and the types of banking oriented spam. These forward-looking statements are based on the opinions and estimates of management at the time the statements are made and are subject to certain risks and uncertainties that could cause actual results to differ materially from those anticipated in the forward-looking statements. In addition, please see the "Risk Factors" described in our Securities and Exchange Commission filings, including our Annual Report on Form 10-K for the year ended December 31, 2007, for a more detailed description of the risks facing our business. All forward-looking statements included in this release are based upon information available to SonicWALL as of the date of the release, and we assume no obligation to update any such forward-looking statement.
NOTE: SonicWALL is a registered trademark of SonicWALL, Inc. Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective companies.
CONTACT: Colleen Nichols of SonicWALL, Inc., +1-408-962-6131,[email protected]
Web site: http://www.sonicwall.com/