Someone Is Spoofing Big Bank IP Addresses – Possibly to Embarrass Security Vendors

The last several days have seen a surge in internet traffic mimicking the IP addresses of big U.S. banks in a possible effort to disrupt the cybersecurity personnel and products that help protect organizations from malicious traffic, according to GreyNoise Intelligence, a company that maps internet traffic.

Bank of America, JPMorgan Chase, and SunTrust are among the banks whose IP addresses are being spoofed to seem like they are conducting broad scans of the internet, GreyNoise said. That large-scale scanning is duping people into thinking that the IP addresses are malicious, GreyNoise founder Andrew Morris told CyberScoop. “There are a lot of people around the internet who are definitely convinced that these are bad IPs,” he said.

Threat intelligence teams in the U.S. financial sector are looking into the issue, sources told CyberScoop.

Read more at CyberScoop

Homeland Security Today

The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

See Full Bio