Staying Safe From Banking Malware

Malicious computer software (formerly called “viruses” but more recently known as “malware”) is increasingly becoming the most significant risk to both personal and business IT users. The involvement of organised crime gangs and their heavy investment in malware development has given rise to a series of destructive attacks across the world – chasing a highly lucrative business that nets the criminals billions of pounds each year in the UK alone. As a result of the potential and actual gains, malware is becoming ever more sophisticated and is produced in an almost industrial fashion, creating a marketplace in which criminals can buy, sell and exchange malicious software and malicious software-development tools.

Recently, a company known to Magikos IT narrowly escaped becoming a victim of one such attack, from the “Trojan-Banker.emotet.gen” malware variant. This malware is specifically aimed at creating fraudulent banking transactions. The “infection” is received as an email attachment and loads onto the victim’s PC once the attachment is opened. There, it waits until it detects a connection and login being made to a banking system (for example, when invoice or payroll payments are being made).

The infected computer was used to make routine business payments, and during this process the malware added a fraudulent payment for just under £9,000.00 into the payments list, ready for authorisation. Fortunately, the company in question has a robust business process for checking and authorising invoice payments, allowing the attempted fraud to be detected in good time and avoided. This also prompted an examination of the PC in question, leading to the removal of the malware in co-ordination with the company’s bank.

This incident highlights a number of significant business issues for ALL organisations:

  1. EVERYONE needs to use and maintain a business-class antivirus / anti-malware tool on ALL of their devices (Windows PC, Mac, smartphone, tablet etc).
  2. All staff need to be properly trained in the safe use of IT, email and the internet, and made aware of other possible sources of fraudulent activity such as social engineering or telephone-based fraud.
  3. Devices that are used to transact banking or business payments should be treated with additional caution in terms of their IT security. They should not be used for casual browsing or personal email if at all possible. This reduces the risk from email attachments or script-infected web pages.
  4. There is no substitute for robust business processes and audit / checking whenever payments are being made. Dual-authorisation processes, payment limits and locked creditor listings can help prevent unauthorised or fraudulent transactions.

Don’t become part of the UK fraud statistics. If you are unsure about keeping your organisation secure and protected from IT fraud or if you would like some advice or maybe even a security audit undertaken, then please do get in touch either by clicking the button below, completing one of the Callback Forms on the website or by following the link to the ‘Contact’ page.