By Anthony Giandomenico | January 08, 2019
The same concept holds true for cybercrime and the Financial Services industry. At the end of the day, regardless of who the ultimate victim of a cyberattack is, the end goal of most cyber events continues to be financial gain. And capitalizing on the theft of information, whether credit card or banking data or the selling of PII on the dark web, ultimately involves taking advantage of someone or some organization associated with the Financial Services sector.
Cybercriminals increasingly target online banking and mobile apps
According to our recent Threat Landscape Report, over one-quarter of organizations experienced a mobile malware attack in Q3 of 2018, with the vast majority of those attacks targeting or originating from devices running the Android operating system. In fact, of all the threats organizations faced last quarter from all attack vectors, 14% were Android related. By comparison, only .000311% of threats were targeted to Apple iOS.
Exploits targeting banking apps on mobile devices, for example, are a significant part of this growing threat trend that must be addressed. Compromising mobile devices not only allows attackers to steal data stored on that device, but can be used to collect personal banking information using phishing apps, intercept data moving between a user and his or her online bank, and monitor financial transactions when purchasing goods or services online. The Android. banker. A2f8a malware, for example, targeted more than 200 different banking apps to steal login credentials, hijack SMSs, and upload contact lists and other data onto a malicious server. It also displayed an overlay screen on top of legitimate apps to capture additional information.