JPMorgan clients targeted with email phishing attacks

JPMorgan clients were attacked in an email phishing operation that gathered clients banking credentials by installing a malware on the institution’s system.


Earlier this year, hackers infiltrated JP Morgan’s system networks. According to researchers, the criminals were able to get access to various JPMorgan servers for months. By doing this, the hackers got a deeper knowledge of the bank's computers and operations systems. Even though the attack took place in June, the financial institution did not detect the intrusion until August.
The infiltration begun as a phishing attack, where a malware infected an employee's personal computer and penetrated into the institution’s systems. The hackers in this case were able to review information on thousands customer accounts and a malicious software was installed on the servers.

Customers who click the link were driven to insert their banking credentials and provide access to their bank account. Even if the user denies to insert credentials, the malicious website could install a Trojan malware on their PC called Dyre. Dyre is a type of malware that focus specifically in banking credentials.

Fortunately, hackers could not gain access to financial information or social security numbers. It is not known whether account holder names, addresses and phone numbers were exposed.

JP Morgan is only one of four banks in the United States that has suffered from IT attacks. Experts are considering the possibility that recent hacking of JPMorgan is connected to a series of data breaches at European banks. Some of them argued that it might be related to the cases of Russian retaliation for U.S. sanctions ratified due to the crisis in Ukraine.

Due to the increasing e-mail attacks among enterprises globally, e-mail security no longer just covers anti-spam and anti-virus. Unknown attacks are attacking financial institutions and they are not even realizing the problem until months later. Cellopoint APT Defense for emails provides a new defense solution and email environment check up services: include CelloCloud sandbox detection, or on premise scan modes, effectively increasing the defensive rate entirely.

Cellopoint International Co. focuses in the security and administration on emails. With many years of accumulated experience in this field, they combine the actual needs of customers, and provide the highest performance of email security and management. Cellopoint email security and APT defense solution solves the problem of leakage of confidential data and the possibility to be hacked by strengthening email infrastructure, bringing the email security to a new level of effectiveness, lowest TCO and the most simple maintenance.