Skip to Main Content
Doing More Today
  • News
  • Community
    • Associates in Action
    • Community Engagement
    • Small Business
    • Economic Development
  • Insights & Innovation
    • Economic Commentary
    • Insights
    • Innovation
  • Financial Wellness
    • Financial Wellness
    • Fraud Prevention
  • See the Good
    • Culture
    • Good Company
    • Good Towns
    • Good Pets
    • Ecards
    • Recipes
    • Riding Forward
Subscribe Now
Regions Bank

Regions Bank: Doing More Today: Good stories. Better insights. More possibilities.

Share
Share on Facebook
Share on X
Share on LinkedIn
Share via Email
Subscribe
Illustration of a laptop screen with a lock in the...
Category: Fraud Prevention

Beware of Spiders

Threat actors known as “Scattered Spider” target employees of large organizations in an attempt to gain unauthorized access. Learn how to spot and prevent these threats.

By Brandon Arndold | October 14, 2024

Social engineering and business email compromise are nothing new, but criminals are finding even more sophisticated ways to exploit employees to carry out malicious activities.

The FBI and Cybersecurity and Infrastructure Security Agency have identified a group known as “Scattered Spider” that has been targeting large companies and their associates with the goal of obtaining credentials from an organization’s employees to install remote access tools and/or bypass multi-factor authentication (MFA). Scattered Spider then uses that access to make copies of proprietary data, install malicious software, and extort the victim organization.

Scattered Spider attacks have posed as company IT and/or help desk staff using phone calls, SMS messages and e-mails to obtain credentials from employees and gain access to their network. Multiple organizations have confirmed their employees received text messages directing them to the malicious sites to compromise credentials and access their networks.

Example Scattered Spider-attributed SMS message sent to a peer bank employee.
Example Scattered Spider-attributed SMS message sent to a peer bank employee

To keep your employees and their organization safe from malicious attacks (including scattered spider type attacks) by following these tips:

  1. Don’t blindly trust anything that comes into your inbox or phone. Always verify an e-mail’s or text message’s authenticity before you click any links or open attachments.
    • If the message received from an employee, verify through our internal messaging apps (Microsoft Teams, etc)
  2. Be suspicious of messages or conversations that are vague, generic or impersonal, or that stir strong emotions, such as fear, empathy, urgency or anger
    • EX: “Your computer has a virus on it,” “your account has been compromised,” “this has to happen immediately”
  3. Never trust an e-mail or message that requests personal or sensitive information – such as your username and password
  4. Phishing websites may look legitimate by imitating company logos and using domain names that might be close misspellings or lookalikes.
  5. Go to websites directly in a browser. Do not click links within an e-mail or SMS message when possible.

 

Scattered Spider: Three Things to Do to Help Stay Safe

1. Learn more ways to keep your business safe.
2. Test your cybersecurity knowledge.
3. Read more about protecting your business from fraud.

 

The information presented is general in nature and should not be considered, legal, accounting or tax advice. Regions reminds its customers that they should be vigilant about fraud and security and that they are responsible for taking action to protect their computer systems. Fraud prevention requires a continuous review of your policies and practices, as the threat evolves daily. There is no guarantee that all fraudulent transactions will be prevented or that related financial losses will not occur. Visit regions.com/STOPFRAUD or speak with your Banker for further information on how you can help prevent fraud.
Share
Share on Facebook
Share on X
Share on LinkedIn
Share via Email
Subscribe

Trending Articles

  • 1.

    2025 Regions Tradition Closes with Come-From-Behind Win

  • 2.

    Angela Santone Joins Regions Bank as Chief People Officer

  • 3.

    Regions Bank Named 2025 Gallup Exceptional Workplace Award Winner

  • 4.

    The Ice Man Cometh

  • 5.

    Regions Recognized for Excellence in Mortgage Servicing

Related Articles

Category: Community Engagement

Share the Good 2025: Greatest Hits

Group of Regions associates from Alabama and associates at the...
Category: Fraud Prevention

Best Remedy for Mortgage Fraud: Stop, Call and Confirm

Mortgage fraud illustration of hand holding a house model and...
Category: Culture

Bringing the Tradition to Life: Diebold Nixdorf

Steve Alker taking a swing with a crowd of onlookers...
Monica Gross Lopez, Digital Experience Researcher, Hinton Taylor, Strategic Planning...
Category: Community Engagement

Putting Job Skills to Work for the Greater Good

Incoming cell phone call from a bank and alert icon.
Category: Fraud Prevention

#BanksNeverAskThat – And Neither Does Regions

Regions Tradition 2025 trophy.
Category: Culture

2025 Regions Tradition Closes with Come-From-Behind Win

Illustration of a driver's license with a magnifying glass focussed...
Category: Fraud Prevention

Real ID Scams: 5 Tips to Avoid Becoming a Victim

Regions.com | About Regions | Investor Relations | Privacy & Security | Website Terms of Use | Contact Regions | Careers at Regions
© 2025 Regions Bank Member FDIC |
All Rights Reserved | Member FDIC | Equal Housing Lender | Online Privacy