Symantec has uncovered a cyber scam duping victims into handing over their financial information using a bogus security guidance web page.
The security firm reported uncovering the phishing scam in a blog post on Wednesday. The scam targets its victims using a bogus message masquerading as a security alert from a legitimate, unnamed credit card service provider.
"In March, we discovered a phishing site spoofing a popular credit card services company that asked users for confidential information, allegedly for additional security," wrote Symantec's Mathew Maniyara.
The message instructed its victims to disclose sensitive banking information that could be used by the attackers to illegally access their finances.
"The phishing site prompts users through a three-step procedure for activating their card and adding higher security. The first step asks users for personal and card-related information," wrote Maniyara.
"The personal information includes the users' name, date of birth, residential address, phone number, and email address. The card information includes name of bank, name on card, card number, expiration date, and card verification code."
Phishing scams and attacks on the financial sector are a growing problem facing the security industry.
The attacks range in sophistication, with some targeting the sector with basic, opportunistic phishing messages and others utilising sophisticated malware.
Prior to the phishing scam Symantec uncovered an evolved version of the Shylock targeting banks.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago