As Featured on Pymnts.com
When something works for cybercriminals, they stick with it. Especially when it comes to phishing schemes, which typically don’t take as much effort but can result in huge payouts. Andrey Pozhogin, cybersecurity expert at Kaspersky Lab North America, joined PYMNTS to discuss the latest trends across the financial cyberthreat landscape and why the widespread threats of financial phishing, banking malware and Android banking malware are only getting bigger.
PYMNTS: How have phishing schemes evolved in recent years?
AP: Among all of the existing types of cybercrime, phishing is popular with cybercriminals due to it being the most affordable in terms of the investment and level of technical expertise required. Also, it has the potential to result in a big payout if successful. In most cases, as a result of a successful phishing campaign, a criminal would receive enough payment card credentials to cash out immediately or sell the details to other criminals for a good price. The combination of technical simplicity and effectiveness makes this type of malicious activity attractive to amateur criminals.
PYMNTS: Can you discuss the biggest trends observed in financial phishing, banking malware and Android banking malware?
AP: With the ease of online and mobile banking, e-shops and payment systems today, the usage of these services has grown, and, in turn, the number of financial phishing attacks we’ve detected has increased as well. Our analysis of the topics that criminals use in their scams (online banking, payments systems, Internet shop web pages, etc.) confirms this:
Almost half of all phishing attacks (fraudulent email messages or copycat websites that appear legitimate) registered in 2016 by the company’s heuristic detection technologies were aimed at stealing victim’s money.
Banking phishing schemes are the absolute leaders among all types of financial phishing. Every fourth attack used fake online banking information, or other content related to banks — a result that is 8 percent higher than in 2015.
In 2016 the number of users attacked with banking Trojans increased by 30.55 percent to reach 1,088,900. Nearly 18 percent of users attacked with banking malware were corporate users.
Users in Russia, Germany, Japan, India, Vietnam and the U.S. are the ones most often attacked by banking malware.
Zbot is still the most widespread banking malware family (44.08 percent of attacked users), but in 2016 it was actively challenged by the Gozi family (17.22 percent).
Android banking malware:
In 2016 the number of users that encountered Android malware increased 430 percent to reach 305,000 worldwide. This is mostly due to a single Trojan which has been exploiting a single security flaw in a popular mobile browser for months.
Just three banking malware families accounted for attacks on the vast majority of users (81 percent).
Russia, Australia and Ukraine are the countries with the highest percentage of users attacked by Android banking malware.