The percentage of malware detected each month in the financial sphere is dropping, but the number of malicious programs built to target these institutions is growing. This is according to a Kaspersky Lab report, which reveals the most common methods used by cyber-criminals to attack financial institutions.
The report also shows the Internet is being used as the primary delivery mechanism, which makes them less conspicuous and less likely to attract the attention of security systems. “Also, malware which infects victims' systems via the Web are hosted on Web servers; the code can be modified before it is delivered to the victim machine or system, which hinders analysis and detection.”
Kaspersky attributes the increase in malware packages to the growing amounts of money criminals can make online. “In addition to stealing funds, cyber-criminals need ways to liquidise their virtual assets,” adds the company.
Some of the more common methods used are phising, redirection of traffic and the man-in-the-middle scheme.
“Phishing is still a very effective way of getting users to give away their personal information. Additionally, cyber-criminals are constantly devising more ingenious social engineering schemes in order to trick the more security-savvy users,” says the company.
Modifying DNS servers to redirect traffic to fake sites, or placing a Trojan in a victim's machine has also remained a popular method. “However, redirected traffic will not be processed in real-time; when cyber-criminals do this a 'man-in-the-middle' attack is used to intercept traffic.”
Kaspersky suggests banks implement two-factor authentication, because single-factor can be bypassed with ease. “However, there are several other methods that can be used to enhance modern protection mechanisms or improve them,” concludes the report.
Related stories:
Malware faces task force
Cyber-crime on the increase everywhere
Kaspersky founder visits SA
Share
