UK High Street Banks targeted by malware


by Dr. Grigorios Fragkos, VP CyberSecurity

Even though the malware Dyre that was used in the phishing campaign against UK High Street Banks first appeared last year, there has been a recent surge in its spread. It has been reported that spam servers were used to send 19K emails to UK customers of RBS, Barclays, HSBC, Lloyds Bank and Santander in an attempt to steal their customers’ login details to online banking services.


Though it seems that the main target in the UK includes those banks mentioned above, banks such as Bank of America, Citibank, Wells Fargo, JP Morgan Chase and PayPal may have all been targeted in the United States.

Spear phishing emails

Three ‘spear phishing’ emails have been sent, one of which contained the Dyreza banking Trojan (a.k.a. Dyre), which actually shares many similarities with the infamous Zeus malware. The first email pretended to be a follow-up email from a tax consultant, this email asked the recipients to urgently download the attached file in order to complete a pending financial transaction.


The second email asked the recipients to attach and send back personal and financial details, and the third email had an archive attached to it that contained the malicious executable file. The malware becomes active only when a user enters login credentials on specific sites.


Usually it activates when the login page is of a banking institution or a financial service. By injecting malicious JavaScript code it allows the cyber criminals behind this attack to steal credentials and manipulate the breached accounts.


Spear phishing attacks are a major problem as it can sometimes be very difficult to distinguish between a real and a fraudulent email. This is not only true for the common user but also for companies as well as these spear phishing emails target their staff. If the staff are not educated and trained to recognise a potential spear phishing email, they may click on links or open attachments from unknown senders.


The only way to be resilient to a phishing campaign is to train staff appropriately with relevant awareness training courses.

A thought leader in tackling such attacks

Sysnet is considered a thought leader in tackling such attacks and our awareness training course is considered state-of-the-practice when it comes to understanding the nature of phishing attacks.


Sysnet not only educates employees about the different types of spear phishing emails in the wild, but also highlights how cyber criminals target individuals or groups, by exploiting the curiosity of human nature, through targeted attacks. To that extent, it is also vital to understand the significance of Operations Security (OPSEC) in this fast evolving threat landscape.


Sysnet Risk & Assurance is available to assist with pragmatic solutions to help improve security posture and meet compliance initiatives, for more information, please visit Risk & Assurance or email


Webpage URL

Find out more about our Cyber Security and Compliance Solutions

Request a Callback

Leave a Reply

Your email address will not be published. Required fields are marked *