Last year, 773 943 users of Kaspersky solutions globally were attacked by banking Trojans, a third of which (35.1%) were in the corporate sector.
African countries were not unscathed. Almost one in a hundred (varying from 0,9 to 1%) in South Africa, Ethiopia, Nigeria and Kenya were targeted by banking Trojans at least once during 2019, yet the share of affected corporate users varied greatly in these countries.
Banking Trojans or ‘bankers’ are one of the most commonplace tools for attackers as they aim to steal money. This malware usually searches for credentials for e-payment and online banking systems, hijacking one-time passwords, and then passing that data to the criminals.
Over the past three years, the numbers for attacks targeting corporate users remained steady at 24% to 25%. Kaspersky says this is because attacks on the B2B sector could not only provide access to banking or payment system accounts, but, through employee exposure, could also compromise a company’s financial resources.
Oleg Kupreev, a security expert at Kaspersky, says while the overall number of attacks with bankers decreased in 2019, the growing interest for corporate users’ credentials indicates we are not yet seeing respite from financial threats.
The security firm urges caution when conducting financial operations online from PCs.
"While we are in the current peak of remote working during the Coronavirus pandemic, it is especially important to not underestimate criminals’ desire for stealing money,” Kupreev adds.
The research also shows that Ethiopia has the largest share of corporate users who were targeted by banking malware in African regions, reaching 71% in 2019, which means that almost two thirds of banking malware attacks in the country were aimed at the corporate sector.
This is followed by SA, where this figure is significantly smaller and can be compared to the global number, reaching 30%. Kenya and Nigeria had lower numbers, with 22,5% of these attacks going after corporate devices, and Nigeria, 13%.
Other key findings of the report reveal that last year, the share of financial phishing increased from 44.7% of all phishing detections to 51.4%, and nearly one in three attempts to visit a phishing page blocked by Kaspersky products was related to banking phishing (27%).
In addition, the number of phishing-related attacks on payment systems and online stores accounted for almost 17% and over 7.5% respectively in 2019, which mirrored the previous year’s levels.
Kaspersky advises businesses to invest in regular cyber security awareness training for staff, to conduct simulated phishing attacks, and employ technologies that give security operation teams full visibility over the network and enable response automation. Also, to use mobile protection solutions or corporate Internet traffic protection to ensure employees’ devices are not exposed to financial and other threats.
Share