"Malware authors have been testing this technique since the start of the year, adjusting focus from industry to industry," he said.
They're tweaking the initial payload, the realism of the typo domains, and adapting their techniques as they go along.
"They're experimenting with industries that are not their primary target," he said.
In addition to keeping an eye out for these sorts of attacks, Leonard suggested that banks increase their degree of cooperation with their peers, industry groups, and government agencies.
Sign up for MIS Asia eNewsletters.