During the pandemic, interest in mobile banking has grown significantly in the world. According to consulting firm BCG, about 30%. At the same time, experts believe that the trend will continue in the future.
Evgeny Gnedin, Head of Analytics at Positive Technologies, spoke in an interview with Bloomchain about how safe it is to use mobile banking apps and how you can protect yourself from cybercriminals.
Evgeny Gnedin, Head of Analytics, Positive Technologies
– What cyber threats can mobile banking users face?
– Mobile banking is characterized by the same threats associated with the use of mobile applications. Criminals are interested in the ability to access users’ private accounts. For this purpose, malicious applications are used that steal the entered information, including logins and passwords, as well as one-time transaction confirmation codes.
– How will new methods of user authentication, for example, using biometric data, affect this situation? Is it easy to fake a “cast”?
“On the one hand, the use of biometrics makes it easier to identify and authenticate users, as it is much easier than remembering complex passwords or carrying hardware tokens. Also, passwords or tokens can be forgotten or lost.
But at the same time, if the stolen password can be changed to a new one, and the stolen token can be reissued, then this will not work with biometric data. We cannot change our face, retina, fingerprint or voice. Therefore, if the used biometric identifier data falls into the hands of criminals, the user will not be able to protect against its misuse.
In addition, the rapid development of information technology, especially deepfake technology, also needs to be watched out for. Attacks with their help are already used in practice and can lead to significant consequences. As in the case of one bank in Dubai, where fraudsters stole $35 million by defrauding a manager using voice cloning technology.
Read also: bank leaks – who regulates them and how to protect themselves
– The PT study said that at present, it is precisely financial gain that is gradually becoming the main goal of cybercriminals. What changes in this area have you noted and how would you explain them?
– Yes, according to our data, attacks with the aim of stealing information occur first. We attribute this to the fact that stealing money from an organization is much more difficult than simply copying the necessary files. Such an attack requires the qualification of a serious criminal and careful preparation, a significant investment of resources.
Today, criminals have learned to monetize attacks differently. Now they don’t have to steal money outright – ransomware attacks are widespread. They both encrypt the file and steal it at the same time, threatening to publish the stolen information on the Internet if the victim doesn’t transfer the money. In such an attack, we can talk about two motives at once, because for criminals, the stolen data is a valuable asset that can be used in other attacks.
The motives of cyber criminals. Data: Positive Technology Survey for the second quarter of 2021
What else could be the reason for such a change in the goals of cybercriminals?
– The growth in the number of attacks for financial gain is also due to the low threshold of entry into criminal schemes related to extortion, the development of the ransomware-as-a-service model.
Of course, data theft in some cases remains an important motive for criminals, but it is gradually fading into the background. According to our data, in the second quarter of 2021, information theft was the target of cyberattacks against financial institutions in 61% of cases, and a year earlier this share was 82%. During the same time period, the share of attacks aimed at financial gain increased from 29% to 48%.
Read also: how to protect personal data from leakage – instructions
– What tools are most frequently used by cybercriminals?
– The most pressing threat to modern organizations is ransomware attacks using ransomware Trojans. As of Q2 2021, they were used in 69% of attacks using malicious software.
It is important to note that what matters to criminals is not the scope of the company, but its size. The bigger the organization, the more attractive it is to attackers, simply because it can pay a bigger ransom.
– What about regular users?
– For them ransomware is not so relevant, attacks with the aim of stealing personal data and payments are much more dangerous. Banking Trojans (30%), Trojans for remote control of devices (29%) and spyware (27%) were mainly used in attacks against individuals.
Read also: ransomware is used in every second cyberattack
– What basic “digital hygiene” rules will help them avoid data theft?
– First of all, we advise you to be very careful in downloading any application to a smartphone that has banking applications installed. Also, do not download applications from unknown sources, as well as increase user rights on the device – we are talking about Root for Android devices and Jailbreak for iPhone.
In addition, it is important to remember about cyber hygiene when using a smartphone. With the regular installation of various games and other entertainment applications, the risk of downloading malware increases significantly. There are known cases when they are distributed even through official app stores.
It is also not recommended to click on links received in SMS, instant messages or emails from unknown or suspicious senders – this greatly increases the risk of infecting your smartphone as a result of a phishing attack.