Banks warn that fake e-shops selling face masks have mushroomed in Slovakia. (source: Sme)
To read in this article:
-What are the biggest threats in digital banking
-When to do simulated phishing attacks
-What security rules to follow when shopping online
“Dear customer, your last bank transaction was cancelled due to security reasons,” reads an email to a Slovenská Sporiteľňa’s client, instructing them to clink on a link below and enter sensitive data. A closer inspection, coupled with the fact that no bank asks their clients to give out their credentials, clearly indicates that this is a scam. While the banking sector, including e-banking services, remains prone to cyberattacks due to the nature of its business, the current COVID-19 pandemic has brought a surge in fraudulent schemes as the number of fake e-shops offering protective equipment has also mushroomed in Slovakia.
“The activities of fraudsters in the online environment have been intensifying during the current crisis,” said Marta Cesnaková, spokesperson of the biggest bank in Slovakia, Slovenská Sporiteľňa. “Thus, we advise clients to be cautious and watch out for dangerous e-shops.”
Mobiles and tablets are computers, too
Cybercriminals will continue to target banking websites and apps, and banks must continue to do their best to thwart their attempts, believes Miroslav Kořen, general manager of the antivirus firm Kaspersky for eastern Europe.
“Last year was marked by a worrying rise in mobile banking Trojans, malware designed to steal credentials and money from users’ bank accounts,” said Kořen, adding that this malware generally looks like a legitimate app, such as a banking application. When a victim tries to reach their genuine bank app, the attackers gain access to their credentials.
Researchers of the security software company Eset alerted the public to a dangerous trojanised application available for download on Google Play at the end of 2018. The tool, QRecorder, was built to record calls; however, one of its updates turned the app into malware, allowing attackers to gain remote access to the mobile banking apps of Android users. The attackers were primarily targeting users from the Czech Republic, Poland and German-speaking countries while on the basis of an official report of the Czech police, this malware robbed five clients of Czech banks of more than 2 million Czech crowns, or €73,000.
In general, Eset has not seen a big difference in terms of the forms of cyberattacks on online banking over the last two to three years. Attackers try to steal credentials either by infecting the device of the user or by phishing, i.e. luring individuals by email, telephone or text message into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.
The situation is more varied in mobile banking.
