Trusteer says student loan phishing arrests highlight the dangers of targeted attacks

London, UK, (PresseBox) - Trusteer has welcomed news that six people have been arrested in connection with a £1 million phishing scam that saw students fooled into revealing their bank details to supposed representatives of the government student loans scheme.

According to Jack Blockley, managing director of Trusteer the Web browser security specialist's UK and Middle East operation, the case highlights the increasing danger posed by targeted attacks against customers of banks.

"I have a lot of sympathy with the students as - if you were a student relying on a government loan for your course funding and living expenses - you'd probably want to do everything possible to ensure they have the information they need to pay your money into your bank accounts on a regular basis," he said.

"And this is the psychology of targeted attacks. Get to know your victim(s) and target their weak spots, meaning that their usual guard against frauds and scams is reduced - and you have a near-perfect storm as far as an IT-assisted fraud goes," he added.

The Trusteer Managing Director went on to say that the students were invited - via email - to update their account details and allied information via what turned out to be fake Web site.

Armed with the right information, he explained, it was a simple enough matter for the cybercriminals to log in and extract money from the student's bank accounts.

Blockley says that once your online banking credentials have fallen into the wrong hands - for whatever reason - it is a relatively simple matter for the money to be siphoned out of your account in a matter of minutes and - under the new Fast Payment System (FPS) rules - the money can be a destination account with a couple of hours.

In practice, he notes, the FPS transfer is immediate and, perhaps more importantly from a fraud perspective, the two-hour maximum transfer timescales operate 24 hours a day, seven days a week - even on weekend nights when bank staffing levels are at a minimum.

"The combination of a targeted attack and the recently-enhanced FPS bank transfer system in the UK makes for easier online banking fraud as far as cybercriminals are concerned. And as they frequently operate on the other side of the world, the quiet times in the UK when these types of fraud take place are often normal working hours for them," he said.

"And even if the cybercriminals have to forgo a little sleep for their fraudulent endeavours, with potential rewards measured in seven figures, they are not too hard done by. This entire saga shows why all users of online bank accounts need to be on their guard 24x7 and use all available security measures - especially if their bank offers security software free of charge such as Trusteer Rapport, which has proven to be effective at stopping online banking fraud for tens of millions users around the world," he added.

For more on Trusteer:

For more of the student loan phishing arrests:


Trusteer is the leading provider of cybercrime prevention solutions that protect organizations against financial fraud and data breaches. Hundreds of organizations and millions of end users rely on Trusteer to protect their computers and mobile devices from online threats that are invisible to legacy security solutions. Trusteer's Cybercrime Prevention Architecture combines multi-layer security software and real-time threat intelligence to defeat zero-day malware and phishing attacks, and help organizations meet regulatory compliance requirements. Leading organizations such as HSBC, Santander, The Royal Bank of Scotland, SunTrust and Fifth Third are among Trusteer's clients. For more information visit:

Press releases you might also be interested in

Weitere Informationen zum Thema "Sicherheit":

Sichere Admin-Konten mit Azure AD PIM

An­grif­fe auf Netz­wer­ke und Cloud-Di­ens­te sind be­son­ders dann ge­fähr­lich, wenn pri­vi­le­gier­te Be­nut­zer­kon­ten, bei­spiels­wei­se von Ad­mi­ni­s­t­ra­to­ren, kom­pro­mit­tiert wer­den. Die­se Kon­ten müs­sen al­so be­son­ders ge­schützt wer­den, vor al­lem in der Cloud. Mi­cro­soft Azu­re Ac­ti­ve Di­recto­ry Pri­vi­le­ged Iden­ti­ty Ma­na­ge­ment ist ein Ver­wal­tung­stool, das hier­bei hel­fen kann


Subscribe for news

The subscribtion service of the PresseBox informs you about press information of a certain topic by your choice at a choosen time. Please enter your email address to receive the email with the press releases.

An error occurred!

Thank you! You will receive a confirmation email within a few minutes.

I want to subscribe to the gratis press mail and have read and accepted the conditions.