Nearly everyone has faced a cyber criminal’s activity at one point or another. You have probably received a magical SMS that read something like: “You are the winner!!! Your Ferrari and $1M await you! Call XXXXXX right now!!!”
Up until now, these well-known tricks have worked surprisingly well. Even if you’ve never taken the bait yourself, you probably know somebody who did.
That person (or you) is not alone. Employees of huge corporations have also been taken by schemes from cyber criminals. For example, over the course of two years the Carbanak cybergang stole funds from dozens of financial institutions worldwide to the tune of roughly $1 Billion. Right now, there is a type of mobile malware targeting mobile banking. To earn easy money, hackers, for example, make specific malware, which replaces legitimate banking interfaces with custom imagery and code. But before stealing your money, a malware needs to be installed on your device. So how does it find a loophole?
A test, recently conducted by Kaspersky Lab, shows that many users do not follow basic security rules when make online payments or log into an online banking system. 50% of the people surveyed do not check if they use the authentic website of their bank or payment system. They don’t pay attention at the https prefix, which indicates an encrypted connection; some of the surveyed have even selected a website with a misspelled address — an obvious sign of a fake phishing page.
It seems that a key logger will also find its victim: only each fifth of those surveyed prefer to use a virtual keyboard to protect their passwords from interception by malware. In the survey other users stated that they choose the “incognito” mode to protect a payment, or resort to an anonymizer, or even try to enter and wipe the data repeatedly in order “to confuse viruses.” Unfortunately, these actions do nothing to protect a user’s financial information.
What’s more surprising it’s that 20% of the users do not think of protecting their banking accounts even offline. For example, in a restaurant they are ready to give their banking card to a nice waitress or a polite waiter and let them take it out of their site. This is a bad idea. Please, remember: if fraudsters receive access to your card at least for a minute, they can make a full-fledged copy very quickly.
Banks cannot guarantee 100% protection simply because to large extend security depends on users behavior. Besides, not all payment systems care about cyber security that much. That’s why users, especially the less cyber savvy, should install specific solution to secure their online payments.