In a white paper released in February, Kaspersky Lab noted that financial cybercriminals have shifted their focus from attacks against the private users of online banking, e-shops and payment systems, to attacks on the infrastructure of large organizations: banks and payment processing systems, along with retailers, hotels and other businesses.
The report noted that while institutional targets are much more difficult to go after, the ultimate payoff is also much higher. The report states, “This theory has been proved by the Carbanak financial cybercrime group and its followers, including the so-called SWIFT hackers, who were responsible for the majority of big financial cybercrime incidents in 2016.”
It points out that cybercriminals using open source tools have stolen millions without being caught. While there has been a focus on higher-end crime, the report warns that overall attacks increased in 2016.
In 2016, Kaspersky Lab’s anti-phishing technologies detected 155 million attempts to visit various phishing pages. Of those, 47.48% of heuristic detections were of a financial phishing page. This is a significant increase over the share of phishing detections registered in 2015 and the highest percentage of financial phishing ever registered by Kaspersky Lab (see “Phishing hole,” right).
The top targets of financial phishers are large transnational banks, payment systems and internet shops and auctions from the United States, China and Brazil. The list of these targets has remained consistent in recent years, according to the paper (see “Where the money is,” below).
The study points out that while security modules continue to improve, so do the criminals, so it is important to stay diligent. It advises owners of “Android-based devices, especially those with financial applications installed, to be extremely cautious when surfing the web and using applications.”
It concludes, “Organizations have done a lot to inform their customers about financial cyber risks and are now offering security products as part of their online banking services. But as our threat statistics show, there is still plenty of room for financial fraud operations involving phishing and specific banking malware,” and offers advice on how to avoid attacks (see “Defend yourself,” below).