JP Morgan Targeted In New Phishing Campaign

Double-whammy 'Smash and Grab' hits targets with two ways to steal credentials.

Sara Peters, Senior Editor

August 23, 2014

1 Min Read
Dark Reading logo in a gray background | Dark Reading

Corporate email provider Proofpoint discovered a new phishing campaign, this week, aimed at customers of JP Morgan Chase & Co.

The campaign has been dubbed "Smash and Grab" because it combines two methods of obtaining access credentials.

It uses social engineering tactics to try to persuade users to part with their JP Morgan credentials, specifically, by asking them to click to view a secure message from the bank. It also infects the target with Dyre, a banking Trojan that lifts login data for other places too.

The attack appears to have been launched on Tuesday. Proofpoint saw roughly 150,000 of the phishing emails that day.

About the Author

Sara Peters

Sara Peters

Senior Editor

Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad of other topics. She authored the 2009 CSI Computer Crime and Security Survey and founded the CSI Working Group on Web Security Research Law -- a collaborative project that investigated the dichotomy between laws regulating software vulnerability disclosure and those regulating Web vulnerability disclosure.


See more from Sara Peters
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe

You May Also Like

More Insights
Webinars
More Webinars

Editor's Choice

American and Chinese flags on computer keyboard keys
Cyberattacks & Data Breaches
CISA Issues Guidance to Telecom Sector on Salt Typhoon ThreatCISA Issues Guidance to Telecom Sector on Salt Typhoon Threat
byJai Vijayan, Contributing Writer
Dec 4, 2024
4 Min Read
Great Siege Tunnels, Gibraltar, featuring a tableau of seven cannons overlooking Spanish positions
Сloud Security
Russia's 'BlueAlpha' APT Hides in Cloudflare TunnelsRussia's 'BlueAlpha' APT Hides in Cloudflare Tunnels
byTara Seals, Managing Editor, News, Dark Reading
Dec 5, 2024
2 Min Read
Mitel's corporate logo on an office building
Vulnerabilities & Threats
Bypass Bug Revives Critical N-Day in Mitel MiCollabBypass Bug Revives Critical N-Day in Mitel MiCollab
byNate Nelson, Contributing Writer
Dec 5, 2024
4 Min Read
Reports
More Reports
Webinars
More Webinars
White Papers
More Whitepapers