Despite the increase in Trojan viruses in Europe, in South Africa phishing attacks are still the major threat to financial institutions and other large corporations operating Web-based portals, which are accessed by high volumes of clients.
Karel Rode, Principal Consultant of RSA, the Security Division of EMC Southern Africa, says: “We believe that Trojans have yet to take off in South Africa because phishing attacks continue to be successful and are cheap to operate. However, we expect Trojans and other downloadable malware to become a serious threat as distribution methods evolve.”
A Trojan is malware that appears to perform a desirable function for the user prior to run or install, but instead facilitates unauthorised access of the user's computer system. In essence, it is a harmful piece of software that looks legitimate. Users are typically tricked into loading and executing it on their systems.
Rode explains that Trojans collect user credentials, and use trigger lists (for example, user login and bank name for specific logins, and even collects domain logins). User logins to company domains, VPN gateways, Gmail and Facebook are also useful information for Trojans.
One example is Man-in-the-Browser attacks (MitB), a Trojan that infects a Web browser and has the ability to modify pages, change transaction content or insert additional transactions, all in a completely covert fashion invisible to both the user and host application.
Through the Cybercrime Intelligence collected by its RSA FraudAction team, RSA has built up a substantial information base. “This enables us to identify a potential threat and approach the people or companies that have been targeted so that remedial steps can be taken,” Rode says. “Corporations must guard against the loss of internal login credentials, as fraudsters are no longer making the big money from banking logins and credit card theft. Corporations across the board need to be aware that these attacks can significantly compromise sensitive information.”
RSA is able to protect its clients using a risk-based engine with a step up authentication method. Called RSA Adaptive Authentication, the solution is customised for each organisation. It constantly evaluates the interaction between users and the organisation's Web site, identifying any anomalies that may occur. If the risk score for a user's device or actions reaches a certain level, the user is challenged for additional authentication details.
“This layered approach protects against multiple threats, including identity takeover, account takeover and account compromise - within multiple layers and multiple channels,” Rode says.
RSA has the credentials to help organisations protect themselves and their customers against Internet security threats. It was the first company to offer risk-based authentication as well as the first to offer both risk-based authentication and strong two-factor authentication in a software-as-a-service (SaaS) deployment (in the cloud).
Other firsts for RSA include its eFraudNetwork, a global shared repository of fraud resources, mutual authentication via site-to-user authentication, a 24x7 phishing takedown service, and a 3D secure service protecting millions of cardholders shopping at e-commerce sites.
Share
RSA
RSA, The Security Division of EMC, is the premier provider of security solutions for business acceleration, helping the world's leading organizations succeed by solving their most complex and sensitive security challenges. RSA's information-centric approach to security guards the integrity and confidentiality of information throughout its life cycle - no matter where it moves, who accesses it or how it is used.
RSA offers industry-leading solutions in identity assurance & access control, data loss prevention, encryption & key management, compliance & security information management and fraud protection. These solutions bring trust to millions of user identities, the transactions that they perform, and the data that is generated. For more information, please visit http://www.RSA.com and http://www.EMC.com.
RSA is a registered trademark or trademark of RSA Security, Inc. in the U.S. and/or other countries. EMC is a registered trademark of EMC Corporation. All other company and product names may be trademarks of their respective owners.
EMC
EMC Corporation (NYSE: EMC) is the world's leading developer and provider of information infrastructure technology and solutions that enable organisations of all sizes to transform the way they compete and create value from their information. Information about EMC's products and services can be found at http://www.EMC.com.
Editorial contacts