Four banks have been targeted by phishers in an international attempt at fraud.

It is not clear if the phishers are working together, but at least two of the attacks bear strong similarities. Banesto Bank in Spain, Poste Italiane Banca in Italy, the Canadian Bank of Montreal and the Visions Federal Credit Union in the United States have all been targeted.

The attacks against the Italian and Canadian banks both use a similar message, that someone has accessed the account from an unusual IP address, and advises customers to check their accounts using the enclosed link. The URL leads to a site in Korea that harvests log-on details.

The emails targeting Banesto Bank have a similar message but this time the phishing site is located in Singapore, a country not usually associated with phishing.

The American attack is a homegrown affair, with the phishing website hosted within the continental United States. The initial email poses as a member of the credit union's customers support service.

"We are contacting you to remind that on August 20, 2005 our Online Review Team identified some unusual activity in your account," it reads.

"If your account access will remain limited for a long period of time may result in further limitations on the use of your account and possible account closure. We encourage you to sign in and perform the steps reguisite (sic) to give back your online access as soon as possible."

All four websites were found by internet monitoring firm Websense and are still active, although attempts have started to get them shut down.