Researchers have discovered a two-year phishing and spoofing (disguising a communication as being from a known, trusted source) campaign targeting customers of Canadian banks.
Fourteen banks in total were spoofed in an operation that involved multiple look-alike domains. The attack started with legitimate-looking emails containing a PDF attachment. The document informed the victims that they had to renew their digital certificate to use online banking. All of the URLs in the documents led to a phishing page asking for banking credentials.
Convincing emails, look-alike sites of popular banks and tailor-made documents enabled the attackers to run a large-scale operation for two years. Users should be aware that anyone can create a spoofed website and get a legitimate certificate for it.