TSB warns customers about being targeted by phishing attacks amid long outage

TSB warns customers about being targeted by phishing attacks amid long outage

TSB warns customers about being targeted by phishing attacks amid long outage

TSB today warned that malicious cyber criminals could be targeting customers with phishing emails by masquerading as the bank itself to make them divulge their account details, security PINs or passwords.

TSB's warning comes not long after a weekend upgrade of its banking systems to shift customer records from Lloyds' online systems to its own went horribly wrong, resulting in a long outage that affected millions of customers in the UK.

Long outage continues

Even though several days have passed since the upgrade was first initiated, a lot of TSB customers are still complaining on social media about not being able to access their accounts online. Incredibly, some of them who could view their accounts found that aside from their own accounts, they could also view account and transaction records of other people on their dashboards.

"I could see all my accounts, but on top of that also three accounts belonging to someone else: a £35,000 savings account, an £11,000 Isa and a business account," Matthew Neal from Hertfordshire told the BBC.

"I could see their account numbers, sort codes and transaction histories and I had access to transfer money too, if I was that way inclined. The thing that was worrying me most was: what if someone can see mine too?"

Even though TSB is still trying to ensure that all of its customers are able to access online banking, the bank had to warn customers about a new threat earlier today after being warned about the same from some affected ones.

"Customers have made us aware that they're receiving emails and tweets claiming to be from TSB. We would never ask you for your security details such as PIN or full password and we would only contact you via social media from our Official @TSB Twitter or Official Facebook page," it said.

"We support the Take Five initiative and recommend all our customers familiarise themselves with the Take Five guidance," it added.

Hackers always ready to pounce

"It was only a matter of time until this started to happen. The sheer number of the TSB customers who have been impacted by the outage makes it a no-brainer for hackers to begin targeting those affected," said Stephen Burke, Founder & CEO of Cyber Risk Aware.

"It would not be surprising if fake SMS messages (smishing) also start appearing which pretend to be two-factor authentication messages thereby giving hackers real codes they can use to login to the users’ bank account. This would be done in conjunction and targeted to those that have taken the bait in a phishing email.

"The issue here reinforces that people will blindly click on links in email or social media messages if the person believes it has come from a trusted resource. People are trusting and criminals are taking advantage of this by preying on peoples’ emotions and having massive success, mainly due to people not querying emails and their content. People need to stop and think before clicking," he warned.

Copyright Lyonsdown Limited 2021

Top Articles

teissTalk: Cyber Policy & Supply Chain Resilience

On 15 April, teissTalk host Geoff White was joined by a panel of four cyber security experts to discuss keeping supply chains cyber secure and resilient.

teissTalk: Malicious or Non-Malicious? Tackling the Remote Insider Threat

On 13 April, teissTalk host Jenny Radcliffe was joined by a panel of four cybersecurity professionals to discuss insider threats, especially the threat posed by remote workers.

Meet the teissTalk Hosts - The state of cyber crime in 2021

Social engineer Jenny Radcliffe and investigative journalist Geoff White, the joint hosts of teissTalk, introduce themselves

Related Articles