Online banking malware rises

In its recent Q3 2013 Security Roundup Report, Trend Micro has warned consumers of a peak in both the volume of Apple iOS phishing sites, as well as a sizable increase in online banking malware.

The findings are closely linked to its Q2 report where mobile threats were once under the spotlight as one of the fastest growing areas of concern for consumers and businesses alike. The latest Q3 report’s findings however, suggest consumers should be alert and cautious during the holiday shopping season to protect personal and financial data from being compromised.

‚”With the pervasiveness and ease of use of online banking, we as consumers trust these applications almost blindly,‚” states Gregory Anderson, country manager at Trend Micro South Africa. ‚”It is worrying that our Security Roundup Reports consistently highlight online banking as an area for concern and we want to urge consumers to be vigilant when using online banking sites. You must ask questions of the security employed by your bank, as well as ensure you yourself are secured on all devices you access these applications from.‚”

Another area highlighted by the report is that while Apple has been traditionally perceived as a safe-haven against threats, the company’s findings reveal that personal information (of its users) can be jeopardised as phishing scams that target the platform continue to gain momentum. According to Anderson, this evidence suggests a potential perfect storm looming in the holiday season as busy commercial and consumer users leverage mobile platforms.

In respect to the report’s findings, it has revealed that after a spike in Q2 (5,800 in May), Apple-related phishing sites have remained steady throughout Q3 with 4,100 detected in July: 1,900 in August and 2,500 in September. This raises concern of potential new targets in Q4 with analysts estimating Apple to sell 31 million iPhones and 15 million iPads in the fourth quarter alone.

To substantiate the banking concerns, Trend Micro researchers also identified more than 200,000 malware infections targeting online banking in Q3. Three countries stood out as the most targeted, with the U.S. accounting for almost one-quarter (23 percent) of online banking malware infections worldwide, followed by Brazil with 16 percent and Japan with 12 percent.

Europe’s top countries, Germany and France, had only three percent respectively which may stem from the regions high degree of multi-factor authentication requirements with online banking transactions. Along with these increases, the level of sophisticated obfuscation techniques used by threat actors has also risen. We found within the online banking Trojan called KINS, anti-debugging and anti-analysis routines.

‚”While the above mentioned countries have been singled out as the worst hit, we cannot discount the effects the online banking threats pose for us here in South Africa, particularly with the rise in the use of smartphones. In our region we at Trend Micro are trying to work with businesses to create awareness around mobile security threats as until now it has been an area in which many are playing possum, some are avoiding, and others in our industry are simply saying doesn’t exist and as a result will have no impact on the end user which couldn’t be further from the truth. The people who lose in this blinkered approach adopted by our industry is the consumer,‚” ends Anderson.

* Banking security image courtesy of Shutterstock.com

*