Illegal financial transactions: Customer account takeovers by cybercriminals up 20 percent
In 2020, every second fraudulent transaction in finance and e-commerce was a successful takeover of a customer account by cybercriminals.
According to anonymized international statistics recorded by the Kaspersky Fraud Prevention solution in the period from January to December 2020, the proportion of such incidents rose from 34 percent in 2019 to 54 percent in 2020. The Kaspersky experts see two main approaches among cyber criminals to gain the trust of potential victims: the supposed savior in an emergency and the supposed investor.
Pandemic increases e-commerce usage
The use of digital financial services and electronic commerce (e-commerce) increased worldwide in the past year due to the pandemic. According to the experts at Kaspersky, this has led to an increase in social engineering attacks. Cybercriminals gain the trust of potential victims by addressing them individually, for example in order to obtain confidential information such as account access details or financial data. Banks and financial institutions as well as their customers should therefore be particularly aware of the typical fraudulent tactics - and protect themselves accordingly.
An analysis of cybercriminals' fraudulent activities in the financial and e-commerce sector in 2020 yields the following picture:
- Most of the fraud incidents (54 percent) involve the successful takeover of customer accounts.
- Another 16 percent were money laundering or money muling transactions [4].
- In 14 percent of the cases, the fraud took place by means of fake accounts in bonus programs.
- In 12 percent of the fraud incidents analyzed, legitimate remote administration tools such as TeamViewer were used to gain illegal access to user accounts.
- Four percent of the time, the fraudulent transactions were related to devices that were infected with malware.
Cybercriminal tactics
The Kaspersky Fraud Prevention Team distinguishes between two common approaches that attackers primarily use to gain access to customer accounts:
The supposed savior in need
The fraudsters pretend to be security officers of the bank and thus present themselves as "rescuers". They call bank customers, report suspicious charges or payments, and offer assistance. The cybercriminals encourage customers to verify their identity using a code sent in a text message or push notification, stop a suspicious transaction, or transfer money to a "secure account". Alternatively, they ask victims to install a remote administration application, which they claim is necessary for troubleshooting. Scammers often pose as employees of the largest bank in the potential victim's region and use a fake caller ID to disguise incoming calls as being from a real bank.
The supposed investor
In this case, the cybercriminals pretend to be employees of an investment company or investment advisors for a bank. They call customers and offer them the opportunity to earn money quickly by investing in cryptocurrency or stocks directly from the customer's account - without the customer having to visit a bank branch. As a prerequisite for providing this investment service, the supposed investor asks the potential victim for the code that was included in a text message or push notification.
"Bank customers value easy access to their accounts and conducting normal financial transactions," said Claire Hatcher, head of business development at Kaspersky Fraud Prevention. "Therefore, solutions for the financial industry should offer a high level of security measures and be seamlessly integrated into the user experience – including fraud protection. Additionally, it helps to regularly remind customers of scammers' methods so they don't fall for them."
About Kaspersky
Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250,000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/