Cybersecurity in Banks - Common Threats

• Credential Stuffing

Credential stuffing is a type of cyberattack in which a cybercriminal uses stolen usernames and passwords from one organization/Bank to access user accounts obtained in a breach or purchased off of the dark web.

Credential stuffing attacks are one of the most common causes of data breaches as 65% of all people reuse the same password on multiple accounts or sometimes all accounts.

The opportunity for cybercriminals to use credential stuffing is only growing as more credentials are exposed through breaches; at present, billions of compromised credentials are circulating on the dark web.

 

• Phishing Attacks

Phishing is a fraudulent way of obtaining detailed account information through unauthorized methods, the most common being fake emails that resembles a typical email from the company. In the banking sector, phishing aims to gather personal information such as banking logins, PIN, bank account number, and credit card numbers. This information is used by fraudsters to access accounts, make transfers, commit credit card fraud, or sell the information on the black market or the dark web.

People who attempt phishing attacks are usually a group of professionals running illegal operations. When calling or sending emails to customers, the hackers take a common approach of asking customers to help them reset or update their banking data by asking for login or other personal information. This is done by clicking on a link or verifying personal information over the phone to an automated call or live individual.

 

• Trojan/Malware attack

A Banker Trojan is a malicious computer program designed to gain access to confidential and/or material information stored or processed through online banking systems. This type of computer program is built with a backdoor, allowing outside parties to gain access to a computer, or it may instead copy a bank client's credentials by spoofing a financial institution's login webpage.

It is a form of Trojan horse and can appear as a legitimate piece of software until it is installed on a computer device. Once installed, the Banker Trojan can gain access to computer files and systems, which attackers use to make unauthorized transactions, steal clients' identities, or withdraw client funds to attackers' accounts.

 

• Ransomware

Ransomware is a cyber-threat in which the malware encrypts the critical data and makes it impossible for owners to access until they pay a hefty fee or ransom. It is a significant threat to banking institutions, as in the past year, 90% of them have experienced ransomware.

Apart from challenging Cybersecurity in Banks, threat of ransomware also extends to cryptocurrencies. Decentralized nature of cryptocurrencies provides an opportunity to cybercriminals to hack into trading platforms and steal funds.

 

• SIM Swap Scam

Mobile numbers have become an identity of a customer and many banking services are being offered through mobile these days. The bank has built many security features around mobile numbers like transaction messages, One Time Passwords for financial transaction, NetSecure Code, etc. Such information is very essential to defraud the customers. In SIM-Swap Frauds, the fraudsters get duplicate SIM card from telecom operators on the pretext of lost SIM or connivance with their representatives and then access such confidential information sent by the bank.

The rising threat of ransom Cyber criminals are increasing for smaller banks and credit unions. These smaller financial institutions may not have well-placed cybersecurity defenses to avert hackers. Therefore, they become attractive target for cyber attackers.