Hackers are preparing a major “phishing” attack against customers of Bank Leumi, the Bank's security department warned Tuesday. Customers were warned not to click on any files or documents ostensibly sent to them by the bank, no matter how legitimate they appeared.
In a “phishing” attack, a hacker will send a legitimate-looking email, usually with the logos and pertinent information of a legitimate-looking institution – in this case Bank Leumi itself. These messages contain a link or a document users are asked to open, to check information or make corrections to data. Unbeknownst to customers, these messages are not sent by the bank, but by hackers, and the documents and links contain not information on their accounts, but a piece of software that will either hijack their computer for the hackers' purposes, steal their secure banking information, or use their machine as a springboard to launch an attack against a server.
The phishing attack on Leumi customers follows the same pattern, the bank said. In the email, customers will be asked to click on a link to renew their passwords. The link will appear to not lead anywhere, but in reality it will install an application on the customer's computer that will compromise their security in a significant manner.
According to Bank Leumi's official Facebook page, “the Bank does not send links of this type via email. Customers are never asked to disclose personal information in this manner. If you get an email of this type, erase it immediately.”