During 2019 a total of 773,943 Kaspersky customers were attacked by banking trojans. This is a reduction from 889,452 in 2018, but the percentage in the company sector that were attacked increased to over a third – 35.1%.
Phishing
Almost every 3rd attempt to visit a phishing page that was blocked by Kaspersky was, it seems, related to banking phishing – 27%. Financial phishing also rose from 44.7% of all phishing detections to 51.4%. Phishing-related attacks on payment systems & online stores represented almost 17% & 7.5% respectively. This is fully consistent with the figures over the past 2 years, whilst financial phishing of Mac users fell a little to 54%.
Remote Working
Oleg Kupreev, a Security Expert at Kaspersky, has gone on the record as saying: “While the overall number of attacks on bankers decreased in 2019, the growing interest for corporate users’ credentials indicates we are not yet seeing respite from financial threats.
While we are in the current peak of remote working during the Coronavirus pandemic, it is especially important to not underestimate criminals’ desire for stealing money.”
Full analysis of Kaspersky’s client base has now revealed the following: Russia remained the nation most attacked by banking malware in 2019 (30% of attacks), followed by Germany (7%) & then China (3%).
Android
Android banking malware attacks also fell, to slightly over 675,000 from about 1.8 million, with Russia, South Africa & Australia the countries most attacked by Android banking malware.
Kaspersky experts strongly recommend that businesses take these measures against looming financial threats:
- Invest in regular cybersecurity awareness training for employees in order to educate them not to click on links or open attachments received from untrusted sources. In addition, conduct a simulated phishing attack to ensure that they know how to distinguish phishing emails.
- Leverage advanced detection & response technologies as part of the Threat Management & Defence solutions.
- Use mobile protection solutions or corporate internet traffic protection to ensure that employees’ devices are not exposed to any financial & other threats.
Best practice is clearly to provide your security operations team with full access to Threat Intelligence, so that it remains current with the latest tactics & tools used by cyber-criminals. Good advice!