BankThink

Trickbot is one of the trickiest payment crimes to stop


Twenty-first-century cybercriminals are like carnival barkers, using a variety of tricks, illusions and misdirections.

First up is the invite into this mystical world, an invite that looks exactly like a legitimate email from a consumer's bank with specific directions to log into the site to review and sign attached documents to allow customers to make payments directly from one email account to another.

The website is a mirror image of the real banking website, and once there, the user can type in banking details, complete the form and voila! With sleight of hand, bad actors have the user's banking information.


Cybercriminals use a variety of malware to trick people into giving up their account credentials. The Distil Bad Bot report reveals that 31% of websites with forms are hit by spam bots, which damage customer experience, affect brand perception, and divert traffic off the site.

The latest endeavor is a piece of malware known as Trickbot. It is an old trick, but one that has been evolving with the times. The latest version of Trickbot was discovered by security researchers at Cyren, who claim that cybercriminals sent more than 75,000 emails in 25 minutes, all “seeming” to originate from Lloyds Bank. They also believe that the authors of Trickbot are experimenting with a vulnerability known as EternalBlue, a Windows exploit that helped spread the WannaCry and Petya malware that affected companies around the world.

This latest instance of Trickbot is a good time to remind consumers not to trust third-party sites even when directed by an email that seems legitimate. The best thing to do is confirm directly with the bank by phone before filling out forms or logging into your authenticated online bank account.

Always look hard at the URL to make sure the website is spelled correctly. Just one letter off could make all the difference between what will turn out to be trick or treat. If the site URL doesn’t start with https://, there should be a concern about information security.
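The URL check described above, written as a small link classifier a mail filter or help desk could run; this is an added example, not part of the original article. The hostname `mybank.example`, the function names and the sample links are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the bank's genuine hostname (constructed placeholder).
TRUSTED = ("mybank.example",)

def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if prev2 is not None and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # two letters swapped
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def classify(url):
    """Return 'trusted', 'not-https', 'lookalike', 'unknown' or 'invalid'."""
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return "invalid"
    if not host:
        return "invalid"
    # Match on the parsed hostname, never on the raw string: text before '@'
    # or a trusted name used as a subdomain prefix must not count as a match.
    if any(host == t or host.endswith("." + t) for t in TRUSTED):
        return "trusted" if parts.scheme == "https" else "not-https"
    for t in TRUSTED:
        # Compare the same number of trailing labels as the trusted name has.
        tail = ".".join(host.split(".")[-(t.count(".") + 1):])
        if osa_distance(tail, t) <= 1 or host.startswith(t + "."):
            return "lookalike"  # "just one letter off", or a borrowed prefix
    return "unknown"

# Constructed sample links, not taken from any real campaign.
SAMPLES = [
    "https://www.mybank.example/login",
    "http://www.mybank.example/login",
    "https://www.mybanc.example/login",
    "https://mybank.example.secure-login.test/",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(f"{classify(link):10} {link}")
```
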

Financial institutions using varied means of authentication need to move toward predictive and more secure techniques such as passive biometrics and behavioral analytics that can determine if the expected human user is accessing and transacting on the account, effectively negating the value of these types of phishing schemes and malware.

Machine learning enables adaptive application intelligence and, combined with behavioral biometrics, can distinguish between true and fraudulent identity, between true and fraudulent behavior, and between good and bad automation. Behavioral analytics can give account holders an extra layer of protection even after a hack has occurred: it can block fraudulent interactions because cybercriminals cannot mimic the exact behavior of the user.

While banking institutions need to stay ahead of the security curve, so do consumers, who must remain vigilant. Adding new integrated layers of security, and especially passive biometrics, helps institutions and individuals stay ahead of the fraudsters, by locking the fraudsters out of the big-top tent without inconveniencing legitimate users.
