The author's IP was likely added to a databases like shodan that includ information showing vulnerable services were running.

The attempts are not because the author is a bank, but rather because the percieved difficulty is deemed to be trivial.