Recently, two separate security firms reported that they are tracking large-scale phishing attacks on bank customers, potentially reaching over 20,000 banking customers.
Researchers at the security firm Armorblox discovered a phishing campaign that has targeted a select group of Bank of America customers. The campaign used small email blasts and other measures to ensure that the malicious emails bypassed spam detection and reached the intended victims. Meanwhile, Abnormal Security researchers are investigating a massive phishing campaign aimed at Wells Fargo customers. The fraudsters are imitating the bank’s security team and sending victims a fake message warning them that if they don’t update their security key, they will lose access to their account.
Victims are directed to malicious domains and asked to input their credentials, which are then harvested by the fraudsters. Neither report delved into how successful the campaigns have been so far, but researchers noted that emails might have reached as many as 20,000 inboxes.
These campaigns are the most recent reminder that your customers’ information is one of the highest-value targets in your organization – and with customers, traditional security measures don’t always apply. You can’t fence your customers into a network segment or put thousands or millions of devices behind a corporate firewall. When you’re protecting customer-facing apps, those people are your perimeter.
It’s more important than ever to protect your customers with a robust IAM solution that accounts for your customers’ movements and actions. MFA is a fast and effective way to foil credential theft, but making customers enter a code every time they sign in to your systems is a recipe for frustration.
Enter Okta Adaptive MFA. With Adaptive MFA, you can identify logins from an atypical location or device and target those logins for MFA. Customers won’t notice a difference as they go about their regular business, and MFA will block attackers as Okta detects that they are not in the customer’s usual locations and devices. Adaptive MFA keeps your customers safe and your organization one step ahead of cybercriminals.
TechJutsu can help you get started on building your company’s robust IAM solution today or answer any questions you may have about Adaptive MFA and how it can protect your company. Book a meeting today to get started.