Skip to Content
Security & privacy

Notorious hacking crew starts attacking banks

Phishing attacks are among the most successful that crooks use, because they can catch people off guard. Usually they involve an email that seems safe enough. But click it, and you’re infected — and the network is, too, if you’re at work.

A group of hackers has used this technique for awhile now against banks in over 40 countries and has caused over $1 billion in damage.

Now this crew, called The Cobalt Group, is at it again, targeting banks in Eastern Europe and Russia in the hopes of collecting big bucks one more time.

NS Bank in Russia and Patria Bank in Romania have been phished beginning in mid-August. Phishing emails were sent to employees and appeared to come from a financial vendor or bank partner. Emails of this type are highly trusted and therefore clicked much too easily. Then, the attack begins.

Malicious emails

The links in these emails directed the user to a Word document that was corrupted, or to a .jpg file that carried the attack. The emails had both, giving the attackers two ways to infect a system.

Researchers say the codes in the emails look suspiciously like a Trojan campaign that opens up a hole in network security, compromising machines for later access. Cobalt Group crooks are likely looking for sensitive information from clients and a way to steal money from those organizations.

This attack is significant even though it’s across the sea for two reasons: Some American companies do business overseas, and attacks there could open up access to businesses in the U.S. Also, a successful campaign like this could easily spread to other banks in the West and the United States.

How to protect against phishing attacks

These attacks for now are targeting big banking firms, but individuals can also get phishing emails. Those emails are trying to take advantage of people who are not paying attention, which is why you want to keep these tips in mind:

  • Be cautious with links – If you get an email or notification that you find suspicious, don’t click on its links. It could be a phishing attack. It’s always better to type a website’s address directly into a browser than clicking on a link.
  • Do NOT enable macros – You should never download PDF, Word or Excel files attached to unsolicited emails to begin with. If you do open one of these documents and it says that you need to turn on macros, close the file and delete it immediately.
  • Watch for typos – Phishing scams are infamous for having typos. If you receive an email or notification from a reputable company, it should not contain typos. Take our phishing IQ test to see if you can spot a fake email.
  • Use unique passwords – Many people use the same password for multiple websites. This is a terrible mistake. If your credentials are stolen on one site and you use the same username and/or password on others, it’s simple for the cybercriminal to get into each account. Click here to find out how to create hack-proof passwords.
  • Set up two-factor authentication  Two-factor authentication, also known as two-step verification, means that to log in to your account, you need two ways to prove you are who you say you are. It’s like the DMV or bank asking for two forms of ID. Click here to learn how to set up two-factor authentication.
  • Check your online accounts  The site Have I Been Pwned allows you to check if your email address has been compromised in a data breach.
  • Have strong security software – Having strong protection on your gadgets is very important. The best defense against digital threats is strong security software.
Komando Community background

Join the Komando Community!

Get even more digital know-how and entertainment with the ad-free Komando Community! Watch or listen to The Kim Komando Show on your schedule, read Kim's eBooks for free, and get answers in the Tech Forum.

Join Now