Skip to Main Content
Doing More Today
  • News
  • Community
    • Associates in Action
    • Community Engagement
    • Small Business
    • Economic Development
  • Insights & Innovation
    • Economic Commentary
    • Insights
    • Innovation
  • Financial Wellness
    • Financial Wellness
    • Fraud Prevention
  • See the Good
    • Culture
    • Good Company
    • Good Towns
    • Good Pets
    • Ecards
    • Recipes
    • Riding Forward
    • The Extra Mile
Subscribe Now
Regions Bank

Regions Bank: Doing More Today: Good stories. Better insights. More possibilities.

Share
Share on Facebook
Share on X
Share on LinkedIn
Share via Email
Subscribe
Illustration of a laptop screen with a lock in the...
Category: Fraud Prevention

Beware of Spiders

Threat actors known as “Scattered Spider” target employees of large organizations in an attempt to gain unauthorized access. Learn how to spot and prevent these threats.

By Brandon Arndold | October 14, 2024

Social engineering and business email compromise are nothing new, but criminals are finding even more sophisticated ways to exploit employees to carry out malicious activities.

The FBI and Cybersecurity and Infrastructure Security Agency have identified a group known as “Scattered Spider” that has been targeting large companies and their associates with the goal of obtaining credentials from an organization’s employees to install remote access tools and/or bypass multi-factor authentication (MFA). Scattered Spider then uses that access to make copies of proprietary data, install malicious software, and extort the victim organization.

Scattered Spider attacks have posed as company IT and/or help desk staff using phone calls, SMS messages and e-mails to obtain credentials from employees and gain access to their network. Multiple organizations have confirmed their employees received text messages directing them to the malicious sites to compromise credentials and access their networks.

Example Scattered Spider-attributed SMS message sent to a peer bank employee.
Example Scattered Spider-attributed SMS message sent to a peer bank employee

To keep your employees and their organization safe from malicious attacks (including scattered spider type attacks) by following these tips:

  1. Don’t blindly trust anything that comes into your inbox or phone. Always verify an e-mail’s or text message’s authenticity before you click any links or open attachments.
    • If the message received from an employee, verify through our internal messaging apps (Microsoft Teams, etc)
  2. Be suspicious of messages or conversations that are vague, generic or impersonal, or that stir strong emotions, such as fear, empathy, urgency or anger
    • EX: “Your computer has a virus on it,” “your account has been compromised,” “this has to happen immediately”
  3. Never trust an e-mail or message that requests personal or sensitive information – such as your username and password
  4. Phishing websites may look legitimate by imitating company logos and using domain names that might be close misspellings or lookalikes.
  5. Go to websites directly in a browser. Do not click links within an e-mail or SMS message when possible.

 

Scattered Spider: Three Things to Do to Help Stay Safe

1. Learn more ways to keep your business safe.
2. Test your cybersecurity knowledge.
3. Read more about protecting your business from fraud.

 

The information presented is general in nature and should not be considered, legal, accounting or tax advice. Regions reminds its customers that they should be vigilant about fraud and security and that they are responsible for taking action to protect their computer systems. Fraud prevention requires a continuous review of your policies and practices, as the threat evolves daily. There is no guarantee that all fraudulent transactions will be prevented or that related financial losses will not occur. Visit regions.com/STOPFRAUD or speak with your Banker for further information on how you can help prevent fraud.
Share
Share on Facebook
Share on X
Share on LinkedIn
Share via Email
Subscribe

Trending Articles

  • 1.

    5 Smart Habits for a Safer Digital Life

  • 2.

    Character. Commitment. Results: American Banker Again Ranks Regions’ Reputation High Among Industry Peers

  • 3.

    ‘False Alarm, Real Scam’

  • 4.

    The Extra Mile: The Gift of Life

  • 5.

    4 Steps to Avoid Fake CAPTCHA Scams

Related Articles

Illustration includes all the disability icons.
Category: Culture

Celebrating Value and Talent

Regions Bank Cybersecurity team associates.
Category: Fraud Prevention

5 Smart Habits for a Safer Digital Life

#BankNeverAsk Quiz graphic.
Category: Fraud Prevention

#BanksNeverAskThat Quiz

Regions associates at the volunteer events.
Category: Community Engagement

Regions Associates Lead by Example to Truly Make a Difference

Laptop on a desk with the gameplay screen of "Scam...
Category: Fraud Prevention

Play Scam City

Regions Extra SEC Stories
Category: Culture

Introducing Regions Extra: SEC Stories

  • Passwords That Pack a Punch
  • #PracticeSafeChecks
  • The Extra Mile: The Gift of Life
  • Neighbors Helping Neighbors: Regions Helps Fight Hunger
Regions.com | About Regions | Investor Relations | Privacy & Security | Website Terms of Use | Contact Regions | Careers at Regions
© 2025 Regions Bank Member FDIC |
All Rights Reserved | Member FDIC | Equal Housing Lender | Online Privacy