It may not be just you. Increasingly, it could be cybercriminals.
As part of our regular quarterly review and analysis of malicious activity, in the third quarter of 2013 (July – September), we found that the problem of malware targeting online banking has gotten significantly worse. By the end of September our researchers detected over 200,000 infections of malware that specifically targets online banking. If you’re in the United States, you have reason to be concerned because it accounted for nearly ¼ (23%) of all online banking malware infections worldwide. By contrast, Germany and France, who were the two top countries for infections in Europe, each only had 3% of worldwide infections. Brazil and Japan filled out the top three with 16% and 12% of worldwide infections respectively.
It’s impossible to give a single reason why online banking malware infections are higher in the United States than other parts of the world. But no one would argue that one contributing factor is the relative weakness of online banking security controls in the United States compared with countries like Germany. In the United States, a single authentication factor, usually a password, is the norm. In Germany, online banking requires the use of two or even three authentication factors. That relative weakness creates a much lower bar for attackers targeting online banking customers in the United States.
The use of a password only is essentially the same security for online banking that was being used in 2001. But while online banking security controls in the United States haven’t really evolved since 2001, online banking malware has. Just in this quarter we’ve seen a rise in a newer, more sophisticated family of online banking malware called KINS, marketed as a “professional-grade banking Trojan”. KINS takes online banking malware to the next level by taking steps to try and prevent the research that security companies like us do to build protections against it. (We do protect against currently known versions of KINS). This gradual evolution of existing threats is consistent with one of the predictions by our CTO at the start of the year.
As we move into the holiday shopping season, the lesson for people is to be aware that attackers are increasingly trying to get into your online wallet and take steps to protect yourself and your money. In particular, you should regularly check your accounts for suspicious activity. But, be sure to do so using traditional paper statements because there are forms of online banking malware that can actually alter your online statements to hide their malicious activity.
Unfortunately, our research shows this problem is likely to continue getting worse for the foreseeable future. The fundamental trends fuelling this quarter’s increase show no signs of abating. Attacks will continue to increase in their sophistication. And there’s no indication that online banking in the United States will follow other countries in adopting two or three factor authentication. To keep others out of your online wallet, you’re going to need to keep a close eye and a tight grip on it.