Report: Banking trojan attacks increased 16 percent YoY; Android attacks up three-fold
In context: Financial phishing attacks are on the rise, with Kaspersky reporting this week that banking trojan attacks increased 16 percent year-over-year among their users. The news is even worse for Android users, with 2018 showing a three-fold increase in banking malware attacks YoY.
Kaspersky Lab recently revealed some grim news related to the use of banking malware, detecting almost 900,000 attacks globally in 2018, an increase of 16 percent versus 2017.
A banking trojan is malware that disguises itself as a genuine app, software, or login page for a bank, which users then access or install. Once the user inputs their login information into the spoofed page, the credentials are sent back to the malware developers, granting them access to the user’s bank account.
Each trojan operates a bit differently. For example, Marcher is triggered when a mobile user opens a genuine banking app, and overlays its own fake screen on top of the login screen. This method of gaining access often goes undetected by the user, as the fake login screen is usually a perfect copy of the real one. Zeus, another widespread banking malware, targets Windows users via spam emails and forced downloads.
While Russia and Germany accounted for almost 43 percent of all attacks, the increase in banking malware was seen across the globe. India, Italy, Vietnam, and the US were all hit hard, collectively accounting for almost 20 percent of all attacks.
The RTM trojan is the culprit responsible for a large portion of the increase, with the malware showing explosive growth in 2018 and becoming the most prevalent.
David Emm, Principal Security Researcher at Kaspersky, addressed the increased threat, saying:
“2018 didn’t give individuals much respite from financial threats. Our research demonstrates that infamous banking Trojan attacks are still increasing in number and hunting for money. The RTM banking Trojan was particularly interesting; its explosive growth massively inflated the attack figures last year. In the wake of these findings, we urge people to maintain caution when conducting financial operations online from PCs. Never underestimate the professionalism of modern cybercriminals — and never leave your computer unprotected.”
Those 900k attacks were measured among Kaspersky users only, and the news is much worse for Android users. Kaspersky’s research indicated that almost 1.8 million Android users fell victim to banking malware, an increase of over 200 percent YoY. Android users are far and away the most likely to be the target of financial phishing schemes.
How can you stay safe from banking trojans?
Download apps only from trusted sources, double-check URLs and from addresses.
If you’re an Android user, stay away from third-party APK installations and only download apps from the Play Store after verifying they are exactly what you’re intending to install. You can do this by checking the download count, and reading reviews of the app.
For Windows users, don’t download software from a site that seems shady, find another source or research the site before downloading. Here on TechSpot we have a software downloads section that caters to enthusiasts’ needs and we’ve had a security standard practice of scanning every file with VirusTotal before we offer it to users as well as warning them of potential third-party installers. Needless to be said, we’ve never supported that practice.
Don’t click any links in spam email, and look for “https” in the address bar when logging into banking websites to make sure the connection is secure. If you get an email from a banking service or payment service such as PayPal, check the “from” email address to make sure it’s coming from the expected domain. Preferrably, don’t click those links but access your bank’s website by manually accessing it from your web browser.
Use two-factor authentication whenever you can.
Two-factor, or 2FA, is becoming more prevalent across apps and websites alike. Two-factor requires a secondary verification, be it a phone number or authenticator app, and makes it that much harder for your account to be compromised. Most banks offer 2FA, and if yours is one of them then it’s in your best interest to take advantage of it, at least until less intrusive ways of logging in become available.
Update your security software.
Make sure your flavor of anti-virus is being updated regularly. If you’re using Windows Defender, make sure Windows Update is running to keep the definitions up to date. Our security downloads page offers a repository of the latest versions of all types of virus scanner and security applications. Malwarebytes is one of the most recommended (and free) security apps to complement the OS’ security capabilities.
Be aware of suspicious-looking login pages and apps.
If your bank’s login page suddenly looks different than you remember it, tread carefully. Your bank will likely never ask you for personal information, so if you’re being asked to provide more than just your login credentials, something may be amiss. If your login page does sound the alarm, double check the URL or verify the app’s authenticity via the app store. Scan your device for malware before proceeding.
Never trust unofficial banking apps, even if they are offered in the Google Play or Apple’s App Store.
That’s just a basic shortlist of security essentials to remain safe when logging in to your banking institution’s sites and mobile applications.