Financial attacks rise 22.49% in Q4 2016

Sibahle Malinga
By Sibahle Malinga, ITWeb senior news journalist.
Johannesburg, 12 Jan 2017
The number of users attacked with financial malware increased 22.49% in Q4 2016, says Kaspersky Lab.
The number of users attacked with financial malware increased 22.49% in Q4 2016, says Kaspersky Lab.

In the fourth quarter of 2016, the number of users that encountered malware capable of stealing money or valuable financial information reached 319 000, 22.49% more than in the same period in 2015.

This is according to a Kaspersky Lab cyber threats landscape report, which found there was an increase in the number of attacks spotted during the Black Friday, Cyber Monday and Christmas period last year.

At end of 2016, Kaspersky Lab researchers conducted a retrospective look at the cyber threats during the holiday period (October, November and December) in the past three years. The main conclusion of their analysis was that criminals are trying to tie their malicious campaigns to specific holiday dates.

Analysis of the holiday period in 2016 showed that last year's season wasn't the exception. Kaspersky Lab detected attacks against 22.49% more users than in the same period in 2015. This means that after a decrease in 2014, cybercriminals are again investing in developing malware capable of stealing financial data, such as credit card information and online banking credentials.

Oleg Kupreev, security expert at Kaspersky Lab, says data on the dynamics of attacks shows that financial malware operators tried to attach their activity to particular dates in 2016, and the holiday season's contribution to the number of financial malicious attacks during this time is clearly visible.

"Financial malware attacks are on the rise again and all their targets - from owners and clients of e-shops, to credit card holders and banks - should be aware of the dangers and take adequate steps to stay safe.

"As a holiday season follow-up protection measure, we advise shoppers who used their credit cards to buy presents and goods during last three months to keep an eye on their financial transaction information in the coming months. Typically, criminals don't start to withdraw money from stolen cards right after the theft. They often wait for several weeks or even months to prepare for cashing out first."

To reach their goals, criminals used one of 30 families of banking Trojans, five of these are the most widespread: Zbot, Nymaim, Shiotob, Gozi and Neurevt. These trojans were responsible for attacks against 92.35% of users in the holiday period, adds Kupreev.

A Juniper Research titled: "Online Payment Fraud: Key Vertical Strategies and Management 2016-2020", found e-retail tops the list of online fraud with 65% of overall incidents estimated to reach $16.6 billion by 2020. Second on the list was online banking fraud, making up 27% of cases globally, which is valued at $6.9 billion. Airline ticketing fraud ranked in at third place with 6% of incidents making up $1.5 billion.