In 2018, 889 452 users of Kaspersky Lab solutions were attacked by banking Trojans, an increase of 15,9% compared to 2017 when over 767 000 users were hit.
The growth partially occurred due increased activities of only one banker, according to an analysis of the financial threat landscape by Kaspersky Lab.
Attacks with banking Trojans or ‘bankers’ are among the most popular for cyber criminals as they are focused directly on financial gain. This kind of malware steals credentials for e-payment and online banking systems from victims, intercepting one-time passwords, and then sending the data to the attackers behind the Trojan.
Of 889 452 attacked users, almost 25% were corporate ones, a figure that has remained fairly consistent for the last three years. According to Kaspersky Lab experts, the reason behind this is clear: while attacks on consumers will only provide access to banking or payment system accounts, successful hits on employees can also compromise a company’s financial resources.
The collected data also shows that Russia became the most targeted nation in 2018, accounting for over 22% of global users attacked with banking malware. It is followed by Germany (with a share of over 20%) and India (almost 4%).
“When it comes to individual users, we can say that 2018 didn’t give them much respite from financial threats. Our data shows that infamous bankers are still there, increasing their attacks and hunting for money. Of particular interest was the RTM banking Trojan, whose explosive growth pumped up the figures for 2018. We therefore urge users to be cautious when conducting financial operations online from PCs. Don’t underestimate the professionalism of modern cybercriminals by leaving your computer unprotected,” says Oleg Kupreev, security expert at Kaspersky Lab.
In 2018, the share of financial phishing decreased from 53,8% to 44.7% of all phishing detections, still accounting for almost a half of overall detections. The share of phishing related attacks to payment systems and online shops accounted for almost 14% and 8,9% respectively in 2018. This is slightly less (single percentage points) than in 2017. The share of financial phishing encountered by Mac users slightly grew, accounting for 57,6%.
As for banking malware, in 2018, the number of users attacked with banking Trojans was 889 452 – it means an increase of 15,9% in comparison with 767 072 2017. A massive 24,1% of users attacked with banking malware were corporate users. Users in Russia, Germany, India, Vietnam, Italy, US and China were the most often attacked by banking malware.
Russia, South Africa, and the US were the countries with the highest percentage of users attacked by Android banking malware. The number of users that encountered Android banking malware in 2018 more than tripled to 1 799 891 worldwide. Just three banking malware families accounted for attacks on the vast majority of users (around 85%).