There are many different types of malware out there that can threaten a device or network in a CPA office. From ransomware that encrypts your data to adware that redirects your browser, each is dangerous in its own way.
One of the most costly types of malware is that which is designed to steal banking and financial information. These banking trojans and credential stealing attacks can instantly clean out a bank account before you even know you’ve been attacked.
They attack computers and mobile devices alike, requiring companies to have a strong managed cybersecurity plan in place if they want to stay protected.
Detections of the bank info-stealing malware, TrickBot, rose 52% in 2019.
Accounting firms have to be particularly careful about this type of malware because of all the different client bank accounts they access regularly in their work.
How Do Banking Trojans & Financial Malware Work?
There are a few different types of malware designed to target banking and other financial account access.
- Banking Trojans: Designed to look like a legitimate application but hides a program that seeks out banking information on a computer, like the cookies that are generated when you visit an online banking site.
- Financial Phishing: Financial phishing attacks will send emails that spoof sites like iTunes, PayPal, or your bank. When you click the link, the login will be a fake page created to replicate the real site. The forms steal your login credentials and use them to access your account instantly.
- Mobile Banking Malware: Similar to banking trojans, but this malware is typically hidden in mobile apps. Once installed, it will seek out online banking or mobile wallet information.
Watch Out for These Banking Malware Threats
Banking malware threats increased 50% over the last year, making this an emerging threat that CPA firms and companies of all types need to remain on high alert for.
Here are some of the top banking trojans and other financial cyberthreats to stay aware of and defend your computer, mobile device, and network against.
Ginp Banking Trojan/Coronavirus Finder
Cyber criminals wasted no time taking advantage of the coronavirus pandemic, and this banking trojan is a prime example. Ginp was renamed to “coronavirus finder” and offered as an app that claims to detect people nearby that are infected with COVID-19.
One ploy that this mobile malware uses to make people think it is legitimate is to charge about $1.00 for the app. Most people expect mobile malware to be tucked into free apps.
Once installed, the malware seeks out bank card details that may be saved inside apps or mobile wallets.
This is a banking trojan that targets Windows devices. It’s been around since 2016 and has recently seen a surge in use. It targets banking data and can also steal money from Bitcoin wallets.
This malware can also harvest emails and other types of login credentials and is often deployed via a hacked Wi-Fi router.
Another type of banking malware that’s been on the rise recently is Ursnif. This one has been designed to get past some of the more advanced detection methods used by anti-malware programs, like sandboxing.
Once inside a device, it goes after banking and login information that may be stored in system files. It also has the ability to:
- Steal email data
- Intercept data being put into webforms (like credit card details)
- Detect certain types of phishing software
Ursnif usually infects a machine via a malicious file attachment in a phishing email.
SpyEye is a malware made to steal money from online bank accounts. It uses a keylogger that intercepts login credentials being entered by the user. It can also steal social security numbers and other financial information.
It is designed to strike instantly as soon as the login is captured, initiating an online session and emptying the account. This often happens all via automated script.
Malware is always morphing and being renamed. In this case, a banking malware called Citadel that the FBI warned has infected over 11 million computers worldwide was renamed Atmos in a new iteration.
It’s designed to steal personal and banking information from infected computers as well as enslaving computers in a botnet. This malware targets both public and private organizations and harvests login credentials of all kinds.
This banking trojan targets the infected computer user’s browser activity and captures information during online banking sessions. From there, it uploads files from an infected device and runs commands designed to steal FTP login credentials.
Bugat is largely spread through malicious links in phishing emails.
Is Your Accounting Firm Protected from the Rise in Banking Malware?
How do you know if your computers are properly protected from the new sophisticated banking trojans and malware? Get a free security check from Connect2Geek.
Schedule a free security consultation today! Call 208-468-4323 or reach out online.