[ISN] National Australia Bank hit by DDoS attack

From: InfoSec News (alerts@private)
Date: Mon Oct 23 2006 - 00:09:31 PDT


http://www.zdnet.com.au/news/security/soa/National_Australia_Bank_hit_by_DDoS_attack/0,130061744,339271790,00.htm

By Munir Kotadia
ZDNet Australia
20 October 2006 

The National Australia Bank (NAB) has warned its customers to beware of 
new phishing attacks after the bank's Web site was hit by a DDoS attack 
earlier this week.

NAB customers experienced problems accessing the online banking service 
on Wednesday, according to a bank spokesperson.

"We first noticed [the attack] on Wednesday. For the moment it is not 
having any impact and has been OK for the past 24 hours but there was a 
bit of residual impact yesterday.

"Customers were having to, in some cases, try a number of times. It did 
slow down the access and jam the system intermittently," the 
spokesperson told ZDNet Australia.

According to the spokesperson, the bank decided to re-issue its phishing 
warning in case the fraudsters use future attacks to try and trick 
customers into visiting spoofed versions of the bank's Web site.

"That was something that crossed our minds so we thought it would be 
timely to put out a warning to people -- which we have done before," the 
spokesperson added.

NAB's CIO, Michelle Tredenick, said in a statement that "Any NAB 
customer who receives [a phishing] e-mail is advised to delete it 
without clicking on any embedded links."

Tredenick said that customer's details had not been compromised by the 
attack: "Customer information has not been at risk as a result of this 
issue and our security systems have protected our internal systems. But 
the incident highlighted the need for banks and customers to be vigilant 
at all times".

Last month, NAB customers received a batch of phishing e-mails that 
tried to trick them into running a malicious file that had been placed 
on a hacked Web server run by Sarajevo Airport.

The e-mail contained a number of NAB logos and asks recipients to "renew 
services" on their account by clicking on a link within the message.


_________________________________
Visit the InfoSec News store!
http://www.shopinfosecnews.org 



This archive was generated by hypermail 2.1.3 : Mon Oct 23 2006 - 00:20:47 PDT