Contact: Colleen Nichols of SonicWALL, Inc., +1-408-962-6131, cnichols@sonicwall.com

SUNNYVALE, Calif., Oct. 13 /PRNewswire-FirstCall/ -- Late last week SonicWALL, Inc. (Nasdaq: SNWL), a leading secure network infrastructure company, saw the first phishing threat to hit inboxes related to the banking-related crisis. The first threat targeted at Washington Mutual and Chase Manhattan online banking customers asks customers to verify their personal information using a dummy Chase website. If you are a Chase Manhattan or Washington Mutual customer and receive this type of email, you may be the victim of a phishing attack. Do not click on the link in the email and contact your bank immediately.

"We continuously monitor spam and phishing feeds for new threats. Given that scammers will often take advantage of topical subjects, we expected to see the recent banking industry shuffling generate phishing and other threat related emails. The Chase Manhattan phishing email hitting banking customer inboxes is a prime example," said Andy Klein, Sr. Product Manager, SonicWALL. "The merger and acquisition activities of Bank of America, Wachovia, Chase Manhattan, Washington Mutual and other banking institutions create an environment of confusion and inconsistency that scammers thrive upon. Banking customers will see a series of phishing emails asking for personal and financial details over the coming months and it is imperative to stay alert during this period of uncertainty."

With the rapid nature of the merger and acquisition activity in the financial sector that happened over the last few weeks and the lack of communication between financial institutions and their customers, phishers and hackers have an ideal opportunity to prey on uninformed banking customers. Information phishers seek varies -- anything from credit card information to account login info, to identity information. It can vary from attack to attack. In all cases, the phishing email will always direct the customer to a web site that looks like the real thing, but is not. Usually it is the "log in" page for that site. When someone enters their information it is usually sent to a "blind drop" -- another system somewhere whose purpose is to collect the information. The phisher will check the blind drop or at intervals will have the blind drop send the information to the phisher. The idea is to put as much distance between the phish and the phisher as possible.

As a precautionary measure, Andy Klein has outlined eight steps that banking customers could take to help further defend against these types of phishing-related security threats:

1. Be aware that phishing exists.

2. Improve your phishing IQ.