(MENAFN - Khaleej Times) Gangs of cyber thieves use sophisticated methods to gain access to financial info
Dubai — Millions of people who use online banking and payment systems are at risk of serious financial losses due to cyber fraud research from cyber security giant Kaspersky Lab has revealed.
A survey carried out by Kaspersky and B2B International found that 43 per cent of respondents reported attacks aimed at getting access to their financial information.
Kaspersky senior security researcher Ghareeb Saad said the widespread use of online banking in the UAE and across the GCC has made the region a particularly attractive target for cyber criminals.
“Online banking has become very popular in the Gulf” he said. “In the last two or three years we have seen malware specifically modified ... to target the financial sector in our region.”
Saad noted that financial losses due to online fraud range from miniscule amounts to the sacking of entire bank accounts. “In some cases the amount taken from users is so small that they will not be able to notice. In other cases they’ll steal all you have in your bank account.”
Of those who lost money due to electronic attacks 44 per cent said they were unable to recover it all.
Saad said the ability of victims to recoup their losses is completely dependent on how soon they notice they have been subject to an attack. “It really depends on the action of the user. If they are able to report to the bank or to law enforcement (agencies) within a few hours or a day then they may well be able to recover the money. It has to be very very quick.
“But if it takes two or three days or a week account transactions have taken place and the cyber criminals may have spent it all in online shops. At that point it is very difficult to get it back.”
Crime corporate style
According to Saad sophisticated professional gangs specialised in cyber fraud tend to be organised like regular business corporations.
“This is often the work of very organised multi-national cyber gangs with multiple departments” he said. “For example the gangs will often have a technical department that develops malware another department that chooses victims another for storing information and even a separate one that is responsible for what to do with the money.”
The criminals use a variety of techniques to gain access to a user’s financial information. Among the most common Saad said are “phishing” attacks in which users receive an e-mail — supposedly from their bank — asking one to log in because the bank needs to upgrade their system. These attacks often take the users to a website looking exactly like the actual one used by the bank.
Additionally criminals are sometimes able to gain access when users unwittingly download “key logging” malware which records log-in information or by logging on to their bank while on an insecure public Wi-Fi network such as those in local coffee shops.
Saad urged users to be knowledgeable about the various forms of cyber threats and how to avoid them. “Awareness is the most important thing. Understand how online banking and the criminals work. For phishing attacks for example make sure the domain name of the online bank is exactly as it should be not with a little less or a little more added on.
“Also make sure to instal protection solutions and that you use encrypted websites. But the easiest thing would be to only use online banking from home or a trusted network.”