Kaspersky: Banks beware
Attacks on banks across the globe are becoming more and more sophisticated
Attacks on banks across the globe are becoming more and more sophisticated, with even two factor authentication methods such as security tokens being bypassed, according to Nikolay Grebennikov, Chief Technology Officer at Kaspersky Lab. Banks try to protect themselves as much as they can, especially big banks, but in many cases this is not enough.
“In Germany, in 2012, several people were tricked into transferring their own money directly to cyber criminals. When the user enters the data from the hardware device into your computer and are authorised, they see a screen showing their account balance with double the amount of money they should have,” says Grebennikov. “The user then gets a message supposedly from the bank saying that there was a wrong transaction made and please return the extra money to the following account. The user transfers it back using the hardware device for authentication. When the user returns the money, it will show the original amount they have in their account. When they next log in, their account balance is zero. The money they transferred was actually their own money. The transaction screen they saw on log in was a modified page done by the cyber criminals.”
Kaspersky Lab’s new Safe Money for Banks solution provides protection from phishing attacks, as well as blocking targeted SSL certificate spoofing attacks designed to make sites look legitimate. The security solution does this by matching certificates against a database created by Kaspersky Lab. If a certificate turns out to have been spoofed, the solution alerts the user.
After Safe Money for Banks has made certain that the user Kaspersky Lab announced that it is developing a new targeted solution, Safe Money for Banks, which will enable financial institutions to better protect customers from financial cyberattacks.