Phishers looking to cash in on Wells Fargo crash

In the wake of Wells Fargo's computer problems, security experts are bracing for a new wave of phishing attacks related to the crash

Wells Fargo may have a new problem following its widespread computer crash earlier this week: online scammers.

Over the past 24 hours, there has been a growing amount of chatter in the underground criminal community about ways to take advantage of the outage, according to Joel Helgeson, an independent computer security consultant based in Saint Paul, Minnesota.

"They've talked about spooling up their engines and networks to take full advantage of this," said Helgeson, who monitors criminal discussion forums as part of his security practice. "Everybody is sitting there waiting for a bank to screw up. It's like following behind an armored car, waiting for them to make a big mistake, and Wells Fargo just made a big one."

Many Wells Fargo banking operations including online and ATM services were knocked offline Sunday in an outage that continued to affect users Tuesday.

As of Tuesday afternoon, the bank was declaring systems operational but warning that online customers would not see their up-to-date balances on the company's Web site until Wednesday. Customers complained that transactions that had occurred after Friday were not reflected in their online bank accounts.

The anticipated spike in Wells Fargo phishing had not occurred as of Tuesday afternoon. The Anti-Phishing Working Group, an organization that tracks online fraudsters, had counted 43 live Wells Fargo phishing sites, said Dave Jevans, the group's chairman. That's a tiny fraction of the 36,000 sites tracked by the group. "I would call that a usual background noise level," he said of the Wells Fargo activity.

However, online criminals are quick to tailor their scams to any newsworthy event, and Jevens expects the Wells Fargo scams to pop up soon. "Give them a day," he added "I would be surprised if it didn't happen in this case."

According to Helgeson, criminals are planning to send out e-mails that acknowledge the computer problems and ask victims to log on to phony Wells Fargo sites in order to validate their user information.

Wells Fargo has offered few details on the crash, which was unusual in both its scope and duration. However the company did say that its problems were serious enough that the company had to restore from backup. "Using our back-up facilities, we restored Internet banking service in about one hour and 40 minutes," the company said in a statement, released Tuesday. "We thank the hundreds of team members in our technology group for working so hard to resolve this problem."

Other banking services such as point-of sales transactions, loan processing, and wire transfers were also affected by the outage.

Wells Fargo could not be reached immediately for comment.

From CIO: 8 Free Online Courses to Grow Your Tech Skills
Join the discussion
Be the first to comment on this article. Our Commenting Policies