Posted on April 18, 2020 at 5:47 AM
Last year, more than 700,000 Kaspersky anti-virus users were attacked by banking Trojans. Among these numbers, a third of the victims were from the corporate sector.
From Kaspersky’s research analysis, 43% of the corporate users affected were from Egypt. The Kaspersky security research team released this report recently to show the actual landscape of cyber attacks on corporate users.
Banking Trojan is given such a name because of its widespread attacks in the corporate sector. They are now the most common tools for cybercriminals who want to steal money.
The Trojans generally search for users’ online banking and e-payment details. When they get the users’ one-time passwords, the Trojans send the information to the attackers.
More corporate users being targeted
From Kaspersky’s findings, about 35% of the total banking Trojan attacks last year targeted corporate users. That’s an increase from the previous 3 years record that has been consistent at 24% to 25%.
Security experts revealed that the increase in the number of corporate users is a result of more compromise of employee data. A compromised employee data is the major loophole through which the attackers get to corporate financial resources.
According to the researched data, Egypt takes the pole position as the country with the most attacks in the Middle East, which accounts for 43% of the attacks on corporate users.
Second on the list is Bahrain with 41% and UAE with 37%. Qatar, Kuwait, and Saudi Arabia are among the most affected nations with 37%, 54%, and 30% respectively.
Users are urged to be more cautious
According to a security expert at Kaspersky, Oleg Kupreev, the total number of attacks based on Banking Trojan has reduced in recent years. But it increased particularly for corporate users.
“The growing interest for corporate users’ credentials indicates we are not yet seeing respite from financial threats,” he said.
Oleg urged the corporate sector and individuals to stay vigilant when carrying out financial operations because the amount of attacks on financial data has increased tremendously. As the world is adjusting to the remote working life during this COVID-19 pandemic, it’s important for people not to play down the desire of cybercriminals to steal money, he said.
Kaspersky found out a few things about the threat posed by both phishing and malware attacks.
According to the report, financial phishing attacks rose to 51.4% last year from its previous 44.7% in 2018.
Also, a third of the entire phishing pages blocked by the Kaspersky anti-virus software were from attackers trying to access financial resources. 7.5% of all attacks last year were phishing-related attacks on online stores and payment systems. This figure is almost the same as in 2018.
Kaspersky also reported that users from China, Germany, and Russia suffered the most malware attack last year.
Corporate users accounted for 35% of attacks by banking malware, which is an increase from the previous record of 24.1%.
Last year, about 675,000 users were victims of an android banking malware attack, which is a significant drop from around 1.8 million the previous year. Australia, South Africa, and Russia were among the nations with the highest number of Android banking malware attacks.
Preventing banking malware attacks
Kaspersky has advised that threats that target businesses, such as financial fishing and banking Trojans, should not be allowed to reach an employee’s endpoint. With the use of a proper security gateway on the network level, most of these threats could be erased before they swim into the user’s system.
With proper security software, there will be safe internet traffic and transactions, which ultimately prevents different types of cyberattacks.
Additionally, Kaspersky has advised users on other measures to make sure their systems are protected from attacks.
According to the security firm, business organizations should carry out frequent security awareness training programs on their employees. With more knowledge about the security threats and their prevention, employees will be well equipped to deal with these issues on their own, Kaspersky said.
They can even carry out experimental phishing attacks to teach them how to defend against such attacks when they eventually target their systems.