Share to your friends :
Security Tips on Financial Frauds, Scams, and Security Related Mattes Viz latest scams, fraud and security center.
Technology has become integral part of finance industry with the growing digitization concept. Simultaneously, digitization has detrimental effect which gives a rise to financial fraud, and scam and results in the damage of institution reputation, loss of finance, and loss of crucial information of organization, it’s associated vendor and customers.
Cybercrime is evolving and growing fast and has become sophisticated as cybercriminals can rely on online tools available in online criminal marketplace. In this scenario, the bank has decided to provide knowledge on recent cybercrimes and aware and prevent from falling victim and facing hazardous consequences.
Banking Trojan
With the growing people relying on banking online, a malware has been created to harvest banking credentials and other sensitive financial and personal information stored by remotely installing malicious software on a victim’s computer system. Mostly the entry point for the attacker is a text message or email with an embedded phishing link. When a computer is infected with a banking Trojan, the user does not know that their PC is compromised. Use of Google Play Store is on rise to deliver banking malware embedding Trojan in decent applications using a dropper.
Banking Trojan Uses:
Spot Banking Trojan:
Stop Banking Trojan:
Phishing
Phishing attack is the most common cyber threat and occurs when an attacker masquerades themselves as a trusted entity and dupes a victim into opening an email. Mostly, the employees are compromised in order to bypass security perimeters, or to gain privileged access to secured data by gaining trust., The hacker then delivers a link that is loaded with malware that scrapes PC or mobile phones. Moreover, the hacker motive could be freezing the system as a part of ransomware attack or leakage of sensitive information.
Spot Phishing Scam:
Stop Phishing Scam:
Bank will never ask for confidential information such as account number, OTP code, transaction PIN via phone, SMS or email.
Vishing
Vishing is an attack that uses fraudulent phone numbers and voice-altering software to trick users into divulging sensitive information. The scammer usually starts with a message which contains a phone number to convince victim that they are calling from the government, tax department, police or the victim’s bank. Visher uses the computer-generated voice messages to remove accents and build trust.
Spot Vishing:
Stop Vishing:
Bank will never ask for confidential information such as account number, OTP code, transaction PIN via phone, SMS or email.
Money Mules
Money mule is a person who receives money from third party in their bank account and transfer it to another one. They exist to help launder proceeds with online scams and frauds or crimes. Money muling is a type of money laundering. The illegal money often comes from criminal activities like phishing, malware attacks, online auction fraud, e-commerce fraud, business e-mail compromise (BEC) and CEO fraud.
Money mules are recruited through:
Money mule target those individuals:
Avoid Money Mules:
Social Engineering
Social engineering also called “human hacking” relies on human error rather than vulnerabilities in software and operating systems. SE tactics is increasing and these attacks are getting more frequent, more sophisticated and make up three-quarters of fraudulent transactions. A scammer poses as a trusted entity exploit the email, social media and even face-to-face interaction and trick into transferring money to a bank account under their control, expose valuable data, spread malware infection, and give access to restricted systems.
Social Engineering Procedure:
Indicators of Social Engineering:
Avoid Social Engineering:
Bank will never ask for confidential information such as account number, OTP code, transaction PIN via phone, SMS or email.