Meghan O’Leary, CMO of BOHH Labs
With more people relying on the Internet, computers and phones for their banking activities, this makes their accounts more vulnerable to security risks and cybercriminals have noticed. One specific tool hackers use for banking attacks are called Banking Trojans.
Banking Trojans are a type of malware used by hackers to attempt to steal confidential information about users using online banking and payment systems. What this type of Trojan does is it redirects the traffic from a bank’s website to another a website that the hacker has access to. This works because the Trojan typically looks like a normal piece of software, but it has a backdoor for hackers, so once it is installed, the hacker can get access to the computer’s system and files. Basically, once a hacker has backdoor access, they have remote control of your computer and can send, steal, receive, delete and so on files from your computer.
Once the hacker infects the computer system with a Banking Trojan, it is all a matter of the waiting game. When a user takes part in an online baking activity, the software starts creating folders and editing registry entries each time the computer system is started. The Trojan also searches for specific cookie files that are related to financial websites that have been stored on the computer and can get information like login credentials and other access to the user’s information.
There are many ways a hacker will use a Banker Trojan to steal your information. Some of the most common methods include:
- Phishing (stealing information by impersonating a legitimate bank)
- Logging keystrokes to send captured data to remote servers
- Man-in-the-Middle attacks
- Stealing information from a clipboard
- Intercepting passwords
- Bypassing two-factor authentication
- Changing DNS settings to redirect users to malicious versions of legitimate banking sites
Now that you have a better understanding of what a Banking Trojan is and what it can do, there are some measures you can take as users to help ensure your information stays protected. Below are a few best practices tips to follow when online banking to help minimize your chances of become a victim to a Banker Trojan.
- Read and be familiar with your bank and credit card policies. If you receive a suspicious online notification, verify with your bank or credit card company before taking action.
- Don’t save personal information, bank account numbers and passwords on your phone or computers.
- Check for encryption on bank websites. Look for a small lock icon somewhere on your browser, and URLs that begin with “https:” This means the site is secured and your data is encrypted.
- Make sure your security software is up-to-date, regardless of if you are using a computer or mobile device.
- Change your passwords and PIN number frequently.
- Be careful of what you post on social media. This may sound silly, but by posting personal information about yourself on your social tools can give criminals easy access to find more information about you and use it to their advantage.
- Monitor your accounts. Regularly check in on your accounts to ensure all transactions are your own. If you find fraudulent or suspicious activity, immediately report it to your bank and they will put a hold on your card/take measures to secure your account and typically will cover your loss.
No comments:
Post a Comment