Barclays Hacked by Cyberthieves Using Monzo Account, PISP

guest · Oct 4, 2021

Barclays Hacked by Cyberthieves Using Monzo Account, PISP
October 3, 2021
https://www.pymnts.com/news/security-and-risk/2021/barclays-hacked-cyberthieves-monzo-account-pisp/

Millions of pounds were swiped from Barclays accounts in a series of coordinated cyberattacks by a fraudster using a Monzo account and a payments initiation service provider (PISP), The Telegraph reported.

PISPs are a newer concept, introduced by the revised European Payment Services Directive (PSD2), and give retail customers the ability to pay companies directly from their bank account instead of using a debit or credit card.

“There is nothing new or different about a fraudster’s approach to these cases that are specific to using a PISP,” a Barclays spokesperson said, per the report. “It is the same type of social engineering to convince victims to share passcodes/Pinsentry codes as is done to defraud customers through traditional channels. We regularly warn customers to never give out their Pinsentry codes, passcodes or any passwords to prevent this type of fraud from happening.”
Click to expand...

A cyberattack involving a PISP happened in May, according to meeting minutes from the Open Banking Implementation Entity (Obie), The Telegraph reported. Monzo did not appear to be involved.

In that case, the victim clicked on a text message link to verify a payment and was taken to a phishing website that mirrored the victim’s bank. The cyberthief then swiped the victim’s login credentials, set up an account, and used the PISP to initiate payment requests, according to the report.
Click to expand...

Rasheed187 · Oct 10, 2021

mood said: ↑

Barclays Hacked by Cyberthieves Using Monzo Account, PISP
October 3, 2021
https://www.pymnts.com/news/security-and-risk/2021/barclays-hacked-cyberthieves-monzo-account-pisp/
Click to expand...

The question is, wasn't Barclays using 2FA? And why are online banks not using hardware based security tokens? Instead they are trying to make it more convenient and thus more risky for people.

Log in or Sign up

Barclays Hacked by Cyberthieves Using Monzo Account, PISP

guest Guest

Rasheed187 Registered Member

Log in or Sign up

Barclays Hacked by Cyberthieves Using Monzo Account, PISP

guest Guest

Rasheed187 Registered Member

Useful Searches