Customers of Financial Organizations Targeted with Calendar Invites

Wells Fargo - an attractive target

• This month, a phishing campaign impersonated and lured the Wells Fargo customers to phishing pages with the help of fake calendar invites via .ics calendar file attachments. It tricked them into entering sensitive information such as their credentials, as well as their cards’ four-digit PIN.
• In the same month, an email spam campaign was uncovered in the United States spreading the malware IcedID malware to harvest credentials from the customers of Wells Fargo and few other banks.
• In early June, attackers used Qbot Trojan payload to steal data from customers of dozens of US financial institutions like Bank of America, Wells Fargo, JP Morgan, etc.

Phishing attacks duping other financial organizations

• In April 2020, in multiple spam campaigns, scammers sent out emails impersonating the U.S. Federal Reserve and lured recipients with financial relief options through the Payment Protection Program.
• In December 2019, a new phishing campaign impersonated the customers of several banks, including Royal Bank of Canada (RBC), Scotiabank, BMO Bank of Montreal, Interac, Tangerine, CIBC Canadian Imperial Bank of Commerce, Desjardins Bank, TD Canada Trust, Simplii Financial, ATB Financial, American Express, Rogers Communications, and Coast Capital Savings to steal sensitive data.

Stay safe