Botched upgrade at Belgian bank Argenta sparks phishing frenzy
Fraudsters seize advantage as transfers, balances grind to halt
Belgian bank Argenta has apologised for a botched tech plumbing upgrade that delayed transfers and confronted customers with incorrect balance data.
The bank, which has 1.4 million Belgian customers, blamed the problems on post-upgrade issues with the data transfer mechanism between its two data centres, among other things.
Last weekend, we did some radical work on our bank's IT infrastructure. This work did not go smoothly, causing a delay in the transfer of our internal data. As a result, our customers and our agencies have experienced significant inconvenience as of Tuesday, April 3.
In collaboration with various experts, our colleagues are making every effort to remedy the problems and normalise the situation. We will keep you informed throughout this process, including through this temporary web page.
On Thursday night the bank decreased the load on the data transfer network by optimising certain applications and increased the bandwidth between its two main sites. Improved data storage technologies were installed as part of its ongoing efforts to get back to normal. The work was completed by the early hours of Friday, allowing Argenta to reactivate its mobile banking app.
In its latest statement (PDF, en français), Argenta admitted the system is still not stable. Internet banking is still not possible via Argenta's website. "In the exceptional circumstances, we authorise certain urgent transactions made by email," it said, adding that this would only happen after telephone checks and other controls.
Argenta customers can still obtain cash from ATMs or pay in shops using their debit cards. The account balances glitch has been resolved even though other problems clearly remain.
Online banking applications were taken offline at the weekend to facilitate the upgrade. When they were reactivated on Tuesday (3 April), it quickly became clear that something was seriously wrong, as Reg reader Robin L explained.
"Transfers of money, for instance wages, were in some instances delayed and some customers were confronted with an 'insufficient balance' message when trying to carry out a payment or withdraw cash," Robin told us. "Customers sufficiently in credit have been able to make payments but are only able to see their balance by visiting a branch of the bank."
Even more distressingly, 850 account holders reported that their accounts were now in the name of their former or deceased partner.
By Wednesday, scammers had attempted to take advantage of the confusion by sending Belgians phishing emails. Argenta is warning customers to disregard all such messages. "We will never contact you by email to resolve security issues or other issues related to your Internet banking accounts or applications," it said. "Do not answer it in any case."
This sage advice sits awkwardly against what Argenta was saying earlier this week, specifically in relation to bank transfers where it asked customers to get in touch with it via email.
Our tipster reported: "On Thursday, one of the FAQs on the bank's temporary landing page was ridiculed by Twitter users. Customers who urgently needed to transfer money and who were unable to visit a bank branch were advised to email the bank with as subject 'dringende overschrijving' (urgent transfer) and include the details of the transaction to be carried out as an attachment.
"The bank first insisted it 'remained vigilant' and would verify every transaction by telephone but withdrawn the advice later on Thursday."
Belgian news outlet GVA reported (in Dutch) how experts reacted in disbelief after Argenta asked customers to email bank details.
Eddy Willems, a Belgian security expert who works for security firm G DATA Software, criticised Argenta for failing to get a grip on the problem more quickly. If the bank had a disaster recovery plan then that too has evidently failed.
"It took them a week before everything was under control which is more or less the case now," Willems told El Reg. "The app is finally working and the website should be accessible by now. It's unbelievable that a bank can get away with a problem like this these days. They should have planned this more carefully and tested backups or alternative plans much better."
Willems confirmed that phishing emails have flourished in the chaos surrounding the bank's upgrade woes.
"During this week there was a big spike in Argenta phishing mails which were related to the problems. More than 80 complaints were received by the Centre For Cyber Security. Personally I got about 20 phishing mails (in Dutch/Flemish) on my email accounts.
"People should know better, I'm pretty sure that some transactions have gone to the cybercriminals. Argenta is paying their customers back in this case and tried to block the phishing websites ASAP after appearing. It seems that people are still not aware enough about phishing during this kind of situation." ®
Sponsored: Becoming a Pragmatic Security Leader