Banking Trojans – You won’t spot them until it’s too late.

There’s a race occurring daily and it’s as competitive as any competition imaginable. What’s at stake you ask? Your bank account…

Cybercriminals are hard at work, chipping away at any form of protection you or your bank can throw at them.

The problem?

The bad guys get as many attempts as they want and the bank only has to fail once before millions can be lost and just as many accounts are compromised.

Think you’re too small of a fish to be a target? New data suggests that cyber attacks aimed at small businesses have doubled over the past six months. According to Symantec, the security firm found that 36 percent of all targeted attacks during the last six months were directed at businesses with 250 or fewer employees.

How are they doing it? You. Whether it’s a website you visit or an email attachment you’ve opened, the internet is littered with botnet-creating, information-stealing Trojans. A botnet Trojan is a small program that first infects your computer and then sends information from infected computers to remote servers.

When thousands of copies of a botnet Trojan have been installed on computers all over the Internet, you get a network of machines under the remote control of a cybercriminal — a botnet. The reason this method has proven to be so successful for the bad guys is that the owners of the infected machines usually aren’t even aware that anything wrong is happening.

One recent story on how quickly things can go awry occured on July 10th, when crooks who’d broken into the computers of a fuel supplier in southern Georgia attempted to transfer $1.67 million out of the company’s accounts. When that failed, they put through a fraudulent payroll batch totaling $317,000, which the victim’s bank allowed. Shortly after the dust settled, the victimized company hired an outside forensics firm to investigate, and found that the trouble started on July 9, when the firm’s controller clicked a link embedded in an image in an email designed to look as though it was sent by the U.S. Postal Service.

Criminals are using these botnets to perform a whole slew of malicious internet activities. Whether it’s mounting distributed denial-of-service (DDoS) attacks or sending out spam emails, like anyone else they’re after the money. Banking Trojan botnets are used specifically to snag login credentials to online bank accounts and payment processors such as PayPal.

While banks are constantly refining online account security by coming up with new methods for authenticating users, there are still steps you can take as well. One comes from a service provider called ThreatSTOP. They utilize your existing firewall to exponentially increase your security. As previously mentioned, these Trojans need to call home to their remote servers with the newly acquired information they’ve stolen, but ThreatSTOP blocks that return information dead in its tracks.

In business it’s often about the bottom line. There are criminals out there trying to attack yours….what are you doing to protect it?  Stop the threats…with ThreatStop.

If you would like to learn more, please feel free to email me, or stop by the ThreatStop website.  If you sign up for their free trial, be sure to let me know.

Rick

Leave a Reply