Attackers can access the personal data and other sensitive information from virtually every online bank.
In the past year, there was a 75% increase in banking Trojans, allowing hackers to obtain financial credentials off mobile devices.
How and why they are doing it
There was an increase in backdoors, cryptomining, and fake apps throughout the second half of 2018. That is why it is important to secure mobile devices as well as their connected environments.
Most online banks contain critical vulnerabilities that could wreak havoc if abused. More than half (54%) of online banks allowed fraudulent transactions and theft of funds. All had threats of unauthorized access to client and company information such as account statements and payment orders.
About 77% of online banks had security flaws in their two-factor authentication process. In some cases, vulnerabilities allowed attackers to hack into the bank’s corporate network.
Much of this information ends up on the Dark Web. The average cost of an online bank user’s data on the Dark Web is just $22, a low price tag for a major disruption to a person’s life.
Banks not helping
Some of these security issues arise from banks not using one-time passwords for authentication, or allowing old passwords, which are more likely to be compromised. These issues are likely due to banks wanting to remain secure, but user-friendly, said cybersecurity expert Leigh-Anne Galloway of Positive Technologies.
“Ignoring security measures in favor of customer convenience increases the risk of fraud,” Galloway said. “If there is no need to confirm a transaction with a one-time password, the attacker no longer requires access to the victim’s smartphone. An old password increases the chances of it being broken into. With no limit applied to it, a one-time password of four symbols can be cracked within two minutes.”
How to protect yourself
Here are 5 ways to protect yourself from malware attacks:
- Avoid installing apps from unknown sources: If you receive a text or email with a link, instructing you to download something, you probably shouldn’t do it. Research the app developer, reviews, and download statistics. Look for typos and grammatical errors that could indicate suspicious activity.
- Click with caution: Be careful with messages in general. If you receive message from an unknown sender, be cautious interacting with it.
- Go directly to the source: Only download software from a company’s direct home page. Beware of the comment section though. They may contain links that criminals use to hook you in to make money from you.
- Use mobile security software: Smartphones carry as much data as computers nowadays. You should take advantage of mobile security software to protect you from online threats.
- Stay aware: New mobile threats surface constantly. Stay vigilant for warning signs of malicious intent.
Have you had your bank account hacked? If so, please leave a comment below and let’s start a discussion. Thanks for reading my post and I hope you have a great day!