Secure content and threat management solutions developer Kaspersky Lab is alerting Filipinos, banks and services against financial cyber attacks that dramatically increased in number last year.
According to the findings of Kaspersky Lab’s study “Financial cyber threats in 2013,” cybercriminals around the world are trying harder than ever to acquire confidential user data and steal money from bank accounts by creating fake sites and web pages imitating financial organizations or internet resources.
The study revealed that this fraudulent scheme more popularly known as “phishing,” targeted more financial institutions in 2013, when the number of attacks on banking sites, online stores and e-payment systems rose to 31.45 percent from the 22.95 percent recorded in 2012.
Phishing, a conscious misspelling of the word “fishing”, is a form of cyber crime which involves stealing confidential data from a user’s computer and subsequently using the data to steal the user’s money.
Kaspersky Lab noted that phishing attacks are more popular with scammers because they threaten all devices which can access web pages.
“Phishing attacks are so popular because they are simple to deploy and extremely effective. It is often not easy for even advanced Internet users to distinguish a well-designed fraudulent site from a legitimate page, which makes it even more important to install a specialized protection solution,” said Sergey Lozhkin, Senior Security Researcher at Kaspersky Lab.
Lozhkin also warned that phishing causes reputational and financial damage to organizations that see their brands exploited in the cyber attacks.
A worrying trend: Banks under attack
To get a big profit, phishing sites aimed at getting users’ financial details mainly use the brand names of e-payment systems and online banking systems as well as popular companies and online stores.
Among e-payment systems, the “favorite” targets of phishers has involved one of these four international brands: PayPal, American Express, Master Card and Visa. For several years, the names of online stores which were the most popular covers for phishing attacks worldwide were Amazon, Apple and Ebay.
But last year, the Kaspersky Lab study observed a “worrying trend” in the distribution of the online financial attacks.
In 2013, the most attractive targets were banks, which were used in 70.6 percent of all financial phishing activities, a sharp increase from the 52 percent recorded in 2012.
Overall, the number of phishing attacks targeting banks almost doubled from 11.92 percent in 2012 to 22.2 percent in 2013. On the other hand, the number of attacks on online stores increased insignificantly by 8.5 percentage points while those targeting payment systems dropped by 2.63 percentage points.
“The conclusion here is obvious: the attackers are increasingly focusing on bank web services and this is one of the strongest trends in the area of phishing threats,” the study said.
The Philippine situation
The findings of the Kaspersky Lab study are timely for a country like the Philippines where banks have capitalized on the use of e-banking technology to provide fast, efficient and reliable services.
In a status report last year, the Bangko Sentral ng Pilipinas (BSP) said banks have responded well to market innovations with the growth in e-banking platforms.
The BSP said in recent years, these platforms have widely evolved from automated teller machine (ATM) networks, internet banking and mobile phone banking to the more sophisticated use of e-money instruments such as cash/remittance cards and electronic wallet which are accessible via mobile phones or other portable devices like tablets.
As of June 2013, the BSP data show that there are 74 banks with an ATM network, 62 banks are offering electronic wallet, 29 banks with cash/remittance card products, 43 banks with internet banking, 16 banks offering phone banking, 30 banks engaged in mobile banking and 35 with hybrid mobile/internet banking services.
Kaspersky Lab Southeast Asia Channel Sales Director Jimmy Fong said that “With this developing situation on e-banking platforms in the Philippines amid increasing online attacks, we are advising Filipinos and businesses here to enhance their protection against financial cyber threats.”
The company said that in 2013 alone, Kaspersky Lab products protected about 39.6 million users from the threat of phishing attacks.
The standard anti-phishing mechanism in Kaspersky Lab security solutions for home users and small businesses are supplemented with Safe Money technology that reliably protects user data during online banking or payment sessions. The effectiveness of this technology is confirmed by special trials carried out by independent test labs such as AV-TEST, MRG Effitas and Matousec.
Companies, banks and e-payment systems that need to safeguard their clients from cybercriminals and to protect their own reputations may benefit from Kaspersky Lab’s comprehensive Kaspersky Fraud Prevention platform.
It was developed to deliver rigorous, multi-layered security for online banking and includes programs for customer endpoints, a server solution to check customer transactions as well as a set of components to develop protected mobile applications.
Those using smartphones or tablets for online banking, e-payment system or online shopping, can protect their devices with the reliable Kaspersky Internet Security for Android, which includes advanced tools providing protection against malware, phishing and device loss or theft.
About Kaspersky Lab
Kaspersky Lab is the world’s largest privately held vendor of endpoint protection solutions. The company is ranked among the world’s top four vendors of security solutions for endpoint users*. Throughout its more than 15-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for large enterprises, SMBs and consumers. Kaspersky Lab, with its holding company registered in the United Kingdom, currently operates in almost 200 countries and territories across the globe, providing protection for over 300 million users worldwide. Learn more at www.kaspersky.com.
* The company was rated fourth in the IDC rating Worldwide Endpoint Security Revenue by Vendor, 2011. The rating was published in the IDC report “Worldwide Endpoint Security 2012–2016 Forecast and 2011 Vendor Shares (IDC #235930, July 2012). The report ranked software vendors according to earnings from sales of endpoint security solutions in 2011.