Most vicious financial malware families in SA revealed
Recent findings from researchers from TrendLabs, the research arm of Trend Micro, have highlighted that the top three financial malware families affecting South Africans are Swisyn, Dorkbot and Zeus/Zbot.
Malware is a mechanism by which third parties can gain access to your computer or steal personal details and information, including passwords, through unlawful access to your information.
The TrendLabs researchers have highlighted several means through which users can become infected by these malware, including USB drives, social media posts, instant messaging apps, malicious links and spam. They can also be downloaded by other malware already residing in an infected computer.
Malware like Swisyn steals a user's keystrokes and passwords, launches denial-of-service attacks, and downloads and runs malware. In addition to this, attackers also configure this malware to spread via USB drives. Cyber criminals can utilise Dorkbot to snatch user login credentials - like Internet banking passwords - and execute commands as well as download other malware.
The malware family Zeus/Zbot is widely known for data theft. Variants of Zeus/Zbot can monitor a user's browser activities, including online banking transactions, and some can even disable online banking security software.
"There are steps that users can take to protect themselves from these malware. For one, check if the connection is secure and if the banking page is legitimate before doing any transaction by examining the URL and the site's security certificates," says Gregory Anderson, country manager at Trend Micro South Africa.
"Secondly, users should also be careful when opening e-mails that contain attachments and URLs in the e-mail body. If the sender is not familiar, it would be best to verify their identity before opening e-mails or delete them without opening them - no matter how many millions the e-mail is offering you or how legitimate the banking logos look. When using USB drives, please make sure that the 'autoplay' option is disabled whenever handling removable drives, and scan the drive before opening any files."
Another important factor is the security software users have on their devices. According to the TrendLabs researchers, it is best to install a security solution that is not only able to protect your machine against malware, but go a step further and check the reputations of Web sites and e-mails. It is vital that users keep their computers updated with the latest software and security patches.
"Money is money, and if a cyber criminal can sniff out an easy paycheque, they will grab it. What this highlights is that South Africans are as much a target as anyone; cyber criminals operate from anywhere and target whoever they please, but easy targets are the most appealing, which is why South Africans need to take steps to protect themselves," says Anderson.