Spear Phishing – A Growing Concern for BanksIn their relentless pursuit for profits, cyber criminals are narrowing their focus on banks rather than its customers. Why is this so? Simply because cyber criminals are finding more success targeting banks than their customers.Cyber criminals are resorting to spear phishing (Definition) techniques to fool employees of bank. They send these employees convincing e-mails that trick them into clicking the malicious links. Such action will compromise the employee’s credentials or sensitive information. The victims may also be enticed into providing information about accountholders and their accounts. The hackers can then use this information to take over customers’ accounts.How are the banks employees tricked into clicking the malicious links in the targeted emails? The same way many of us are tricked. The emails are forged and seem to be coming from the management or staff within the organization, requesting urgent information. More often than not, this information is confidential or personal in nature, such as an account or a system. The emails may also seem to come from vendors or customers.Why are these hackers targeting bank employees rather than bank customers? Simply security for online banking and mobile banking has enhanced authentication, which makes it more difficult for hackers to breach. Unfortunately, some institutions have invested little to ensure security of their employees’ accounts, which makes them easy targets. Bank employees are targeted because they have access to important and critical information such as customer accounts.Enhanced email authentication standards can actually help organizations and companies authenticate emails and block spam, but the best way to ensure employees’ credentials are not compromised by phishing tactics is through education. Education should be geared toward helping employees identify socially engineered (Definition) campaigns. This applies not only to bank employees but employees in general.
Aside from educating employees on security issues, multifactor authentication (Definition) is essential for sensitive information, critical systems and servers. This will help in mitigating the impact of hackers stealing such information. Spear phishing is still the most prevalent method to infiltrate companies and gain access to systems that are protected. Therefore, it is imperative that organizations focus on employee education to reduce such attacks.
A Malware That Backs Up Your Data There’s a new data-stealing malware in the guise of a legitimate looking back-up application. It was found on Google Play store. The Save Me app claims to back-up your user’s contacts and in the near future, will include photos and videos, in the event that you lose your mobile device. Though it seems to be an app that we would all love to have, it is actually a variant of the information-stealing malware called SocialPath. It is distributed through spam via Twitter, Whatsapp and other social network platforms. The spam has a message to entice users to click on download link, such as, “I found your private photos here [link] click to see.” If the victim makes the mistake of clicking on the link, he / she will be requested to provide information such as name, email, phone number and a photo of the victim. It will then connect the victim to a Command & Control (C&C) server (Definition). Data including contacts, text messages, call logs and device information from the phone will then be uploaded to the C&C server. The malware, which lays hidden in the mobile device, can call any number designated by the C&C server and hang up the call based on a timer. The reason for this is revenue. In such cases, malware authors are known to call premium numbers to collect associated fees and money. The malware will then delete the call records to hide its activities. Google has removed the Save Me app from its Play store. Nevertheless, SocialPath has been doing its rounds disguised as an online reputation management tool. Well, it looks like we haven’t seen the end of this malware. |
Source |
1. http://www.bankinfosecurity.com/
2. InfoSecurity magazine |
Definition |
1. Spear Phishing – phishing directed at specific individuals and companies. It is a targeted email scam with the sole purpose to obtain unauthorized access to sensitive data.
2. Social engineering – to manipulate people to divulge confidential information. The criminals impersonate somebody that they are not in order to get their victims to reveal the confidential information.
3. Multifactor authentication – also called two-factor authentication that requires more than one form of authentication to verify the legitimacy of the transaction. This may include an authentication or a onetime password (OTP) that is sent to your mobile phone.
4. Command & Control (C&C) server – centralized machines that are able to send command and receive outputs of machines that are part of a botnet. ‘Botnets’ is derived from the words, robot and network. The botnet’s originator is able to control the servers remotely for criminal purposes |