Banking Malware – How Safe are we in Online Banking?


What Is Online Banking Fraud?

Online Fraud is the act of committing a financial fraud which has a digital footprint. Some of the key frauds are business opportunity fraud, Charity donation fraud, Domain name scams, Identity fraud and Mass marketing fraud. Scammers most frequently use Malware, Trojans, Phishing and Vishing to carry out such attacks. These acts by cyber criminals tend to siphon off financial, personal or intellectual property data of any individual or organization. Ransomware based malwares are created with the sole intention to extort money from their victims.

If you are targeted with hoax e-mails, which appear to be genuine bank emails, then you need to be alert enough to respond to such e-mails. These e-mails ask you about the security details, hence, you need to be ensure that your logging into the authentic banking site. Banks never send any e-mails to the customers to get the confidential details. Thus it is better to stay alert! Sometimes, the purpose of the websites is to obtain your credentials to access your financial accounts. Alternatively, these websites may ask you to install software from any link given in the page. By downloading the software you are in fact tricked into downloading a virus.

Malware is in all sorts of malicious and harmful software. Unrequested and undetected, it succeeds in installing itself on your computer. Malware influences normal computer processes and steals information. Fraudsters use malware to get money out of your account as well as to commit identity theft. If computer is infected by Malware that will sends information to your bank that is different from that which you intended – for example the recipient of a payment. Malware could also introduce additional data fields in an otherwise genuine site, by injecting additional code into your browsing session within your browser.

How Malware Spreads?

While visiting a website, you may get a pop-up which states that it has found a virus on your computer; and exhorts to install a free trial of a virus scanner or run an online scan of your computer. You get an e-mail that appears to be from your bank with the request to install the attached update to plug into a hole in their internet banking security. This can also happen when you find a video on the internet. In order to play it, you have to install a special plug-in which in itself is malicious. Naturally not every download contains malware, but it is definitely the case that malware is often downloaded along with unknown files from the internet.

Preventive Measures

  • Make sure your Smartphone or tablet is always protected with a PIN which is difficult to guess.Do not reveal your PIN to anybody, nor write it or store it where it can be found. It is a good practice to regularly refresh passwords and PIN codes, ensuring that you are using a unique combination of letters, numbers and punctuation for your various log in details.
  • Make sure your PC is sufficiently secured, for instance by installing an up-to-date version and a virus scanner or a secured WI-FI connection.
  • Use the option for a text message to be sent every time a transaction occurs on your account. This will notify you of fraudulent transactions as soon as they happen.
  • If someone calls you up on behalf of your bank and asks you to provide personal data and/or to sign electronically, refrain from taking any action at all, for your bank will never ask you to provide this kind of information.
  • Put your electronic signature only for orders you expect or have initiated yourself.
  • In case of doubt, immediately abort the transaction and take contact with your bank’s help desk, especially when the procedure for signing differs from the usual procedure.
  • Check your statements of account at regular intervals.
  • Keep the banking and other apps on your device regularly updated.
  • In order to avoid such incidents, use reputed Anti-Virus and IT security solution providers like eScan and stay safe from all such attacks.

 

Other Types of Malware and its Characteristics

Ransomware is a form of malware that gives criminals the ability to encrypt the files on a computer – then display a window informing the owner that it will not be decrypted until a sum of money is paid. The best-known variety of ransomware in recent times is called CryptoLocker.

CryptoLocker is one of the nastiest pieces of malware ever created. It’s not just because it takes money from you but due to the sheer fact that your important files are encrypted rendering them useless. It is also to be noted that once it manages to encrypt your data, there is no way for you to decrypt those files except the one provided by CryptoLocker itself ie. Payup the ransom and get the decryption key.

Phishing Perpetrators of online fraud using the phishing technique try to get hold of your personal data and or your Credit/ Debit Card by sending e-mails, sms messages or calling you on the telephone. This data  will allow them to withdraw money from your account but also to perpetrate identity fraud. Phishing does not only affect Internet banking but it can also pose a threat to any payment system via digital wallet. This can happen if you receive an e-mail out of the blue. The message appears to be from your bank or the company issuing your credit card. You have to click a link to a website that looks extremely similar to your bank’s own website.On this site, you read that you must enter, complete or check your personal data concerning your accounts, credit cards and codes. This will be for “security reasons”, “file checks”, “data loss”, etc. Sometimes you will also be requested to mail your data directly to a specific person.Although phishing is mainly done via e-mail, fraudsters can also call you on the telephone. They pretend to be a bank employee telling you that there are problems with your bank account or your credit card and your financial security is on stake.

Vishing, similarly to a phishing scam, the fraudster will masquerade as a well-known and trusted business in an attempt to gain information. However, rather than this being carried out via email, the scammer will telephone their victim. They could also be tricked by phishing emails or vishing phone calls into disclosing your password and other confidential details. Identity theft caused by viruses or spyware, give criminals to access to your bank account and other personal information stored on your computer.

Smishing scams are similar to phishing scams.You get a sms message from a bank or service provider asking you to do something. However, the Smishing is really a message from a scammer.While most people are familiar with email phishing scams, they’re less skeptical when receiving Smishing messages and victim gets trapped easily.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: