Skip to Main Content
Doing More Today
  • News
  • Community
    • Associates in Action
    • Community Engagement
    • Small Business
    • Economic Development
  • Insights & Innovation
    • Economic Commentary
    • Insights
    • Innovation
  • Financial Wellness
    • Financial Wellness
    • Fraud Prevention
  • See the Good
    • Culture
    • Good Company
    • Good Towns
    • Good Pets
    • Ecards
    • Recipes
    • Riding Forward
    • The Extra Mile
Subscribe Now
Regions Bank

Regions Bank: Doing More Today: Good stories. Better insights. More possibilities.

Share
Share on Facebook
Share on X
Share on LinkedIn
Share via Email
Subscribe
Illustration of a laptop screen with a lock in the...
Category: Fraud Prevention

Beware of Spiders

Threat actors known as “Scattered Spider” target employees of large organizations in an attempt to gain unauthorized access. Learn how to spot and prevent these threats.

By Brandon Arndold | October 14, 2024

Social engineering and business email compromise are nothing new, but criminals are finding even more sophisticated ways to exploit employees to carry out malicious activities.

The FBI and Cybersecurity and Infrastructure Security Agency have identified a group known as “Scattered Spider” that has been targeting large companies and their associates with the goal of obtaining credentials from an organization’s employees to install remote access tools and/or bypass multi-factor authentication (MFA). Scattered Spider then uses that access to make copies of proprietary data, install malicious software, and extort the victim organization.

Scattered Spider attacks have posed as company IT and/or help desk staff using phone calls, SMS messages and e-mails to obtain credentials from employees and gain access to their network. Multiple organizations have confirmed their employees received text messages directing them to the malicious sites to compromise credentials and access their networks.

Example Scattered Spider-attributed SMS message sent to a peer bank employee.
Example Scattered Spider-attributed SMS message sent to a peer bank employee

To keep your employees and their organization safe from malicious attacks (including scattered spider type attacks) by following these tips:

  1. Don’t blindly trust anything that comes into your inbox or phone. Always verify an e-mail’s or text message’s authenticity before you click any links or open attachments.
    • If the message received from an employee, verify through our internal messaging apps (Microsoft Teams, etc)
  2. Be suspicious of messages or conversations that are vague, generic or impersonal, or that stir strong emotions, such as fear, empathy, urgency or anger
    • EX: “Your computer has a virus on it,” “your account has been compromised,” “this has to happen immediately”
  3. Never trust an e-mail or message that requests personal or sensitive information – such as your username and password
  4. Phishing websites may look legitimate by imitating company logos and using domain names that might be close misspellings or lookalikes.
  5. Go to websites directly in a browser. Do not click links within an e-mail or SMS message when possible.

 

Scattered Spider: Three Things to Do to Help Stay Safe

1. Learn more ways to keep your business safe.
2. Test your cybersecurity knowledge.
3. Read more about protecting your business from fraud.

 

The information presented is general in nature and should not be considered, legal, accounting or tax advice. Regions reminds its customers that they should be vigilant about fraud and security and that they are responsible for taking action to protect their computer systems. Fraud prevention requires a continuous review of your policies and practices, as the threat evolves daily. There is no guarantee that all fraudulent transactions will be prevented or that related financial losses will not occur. Visit regions.com/STOPFRAUD or speak with your Banker for further information on how you can help prevent fraud.
Share
Share on Facebook
Share on X
Share on LinkedIn
Share via Email
Subscribe

Trending Articles

  • 1.

    Character. Commitment. Results: American Banker Again Ranks Regions’ Reputation High Among Industry Peers

  • 2.

    September 2025 | Economic Commentary

  • 3.

    ‘False Alarm, Real Scam’

  • 4.

    The Peak of Hurricane Season: Avoiding Disaster Scams

  • 5.

    3 Tips to Avoid Retail Refund Scams

Related Articles

Paula Drake, Chief Marketing and Communications Officer at Regions Bank...
Category: News

In the Limelight: Paula Drake and Kendra Key

Terry Hoey playing guitar and donated instruments.
Category: Community Engagement

Banding Together

Illustration of a webpage with a suspicious url, and a...
Category: Fraud Prevention

4 Steps to Avoid Fake CAPTCHA Scams

Man texting on the phone.
Category: Fraud Prevention

Shutdown Primer: 4 Tips to Stop the Scam

Deepfake scams illustration with the alert.
Category: Fraud Prevention

Red Flags of a Deepfake Scam

Peter Burns at SEC Now desk
Category: Culture

Voices of the SEC: Peter Burns

  • In the Limelight: Keren Treme and Cynthia Comford
  • #BanksNeverAskThat: Recognizing Red Flags
  • P2P Fraud: 8 Tips to Stay Safe
  • The Extra Mile: Lifting Everyone in East Mississippi
Regions.com | About Regions | Investor Relations | Privacy & Security | Website Terms of Use | Contact Regions | Careers at Regions
© 2025 Regions Bank Member FDIC |
All Rights Reserved | Member FDIC | Equal Housing Lender | Online Privacy