With the advancement of the Internet into just about every sector of life, it's no surprise that online banking has become incredibly popular. This service is both quick and efficient, with many institutions allowing for their account holders to even cash a check by taking a picture with their smartphone. Online banking's convenience is obviously a huge benefit, but what about its security?
Recent Trend Micro research has uncovered an interesting dynamic when it comes to cyber attacks against financial institutions: as soon as one major hacking ring is taken down, another steps up to take its place.
Cyber criminals are hard to contain
Trend Micro security experts have discovered QAKBOT, an online banking threat that's had a major increase in sightings near the end of 2015. Having been in operation since 2007, QAKBOT certainly isn't a new problem. That said, its recent skyrocketing activity is interesting as it seems to be filling the void left by another threat.
DYRE/DYREZA was a different piece of malware that also targeted online banking institutions. However, the group behind its creation and implementation was arrested in November 2015, causing DYRE/DYREZA to see a steady decline in activity. Although hackers getting arrested for their crimes isn't really new, the compelling bit about this particular incident is how it affected QAKBOT.
Namely, Trend Micro observed a massive spike in QAKBOT activity following the arrest of the DYRE/DYREZA cyber criminals. In fact, the malware went from 1,639 sightings in June 2015 to 27,452 detections in February 2016. While this can't all be attributed directly to the November 2015 arrest of the DYRE/DYREZA attackers, it certainly would appear that taking down one specific threat simply opens up opportunities for a different one.
There are quite a lot of online banking threats
While these two are an interesting case study in the aftermath of a major cyber criminal arrest, they aren't anywhere near the most active threats out there. Trend Micro has found that QAKBOT only takes up about 3.03 percent of banking threat detections, giving it a relatively small role in the grand scheme of things.
The big player is DRIDEX, which constituted 55.59 percent of risks to online banking. This particular threat begins with a phishing scam, where the hacker sends out an email claiming to be an authority figure from a particular financial institution. These messages contain a link to a Word document, which, when opened with the macro feature enabled, will download DRIDEX onto the victim's computer.
Another fascinating aspect of DRIDEX is the fact that it is still incredibly popular despite U.S. and U.K. agencies working together to take multiple servers used in the botnet offline. Although this combined effort was successful, DRIDEX is still active in many parts of the world. Once again, this shows that waiting for law enforcement to make online life safe simply doesn't work. As soon as these agencies take a hacker collective down, another eagerly jumps in to fill its place.
Online banking is as safe as you make it
As with most online endeavors, users are only as safe as the precautions they take. Clicking a link in an email without being absolutely sure who is behind the message is asking for trouble, and online banking customers need to be aware of the risks out there. Trend Micro recommends users verify any email that seems out of the ordinary by contacting their banking institution.
That said, most people who use online banking can rest assured that even if their account is hacked, they'll most likely be able to get their money back. Bankrate stated that federal law mandates customers must be compensated for loss of funds as long as they discuss the theft with their financial institution within 60 days of the charge showing up on a statement.
Sadly, this only applies to people who have taken the necessary precautions. Stuart Gerson, former U.S. attorney general, stated that victims "can't have done dopey things that exposed (their) account."
In addition to doing their due diligence with incoming emails, users need to beef up their general security. This means long, complicated passwords are an absolute must when banking. What's more, these passwords need to be completely distinct from those used for other accounts. Hackers love when people use the same password for their bank as they do on Facebook, so make sure each account has its own password in order to maximize security.