India on the fifth rank for Trojan attacks!

INDIA:  Symantec has released a new blog and update to its whitepaper on the “State of Financial Trojans,” showing that financial Trojans decreased by 53 per cent in 2014 largely due to takedown and arrest operations. However, with a total of 1,77,000 compromised computers, India is the country with the fifth most financial Trojan infections in 2014, moving up from the seventh rank in 2013.

Financial Trojans that intercept and redirect transactions from online banking sessions have always been popular among cybercriminals. These campaigns will probably remain prevalent for the foreseeable future, as attacks against banking customers are still successful in many cases. Today’s financial malware has evolved to bypass newer security measures, such as two-factor authentication (2FA) and mobile banking, in order to steal money from unsuspecting users.

Symantec says it has seen attackers continue to target high-profile targets, and shift focus to new platforms like bitcoin and mobile payments.

Other notable findings from the Symantec State of Financial Trojans 2014 whitepaper tell that around 1,467 financial institutions in 86 countries are targeted with financial Trojans and attackers are focusing on new targets outside of online banking, such as Boleto, Bitcoin, and password managers.

India ranks fifth among countries with most financial Trojan Infections, moving up from rank 7 in 2013. Stolen bank accounts are sold for five to 10 per cent of the balance value on underground cybercrime forums, another finding points out adding that the trend of mobile malware intercepting text messages and gathering 2FA credentials continued in 2014.

The study suggests some best practices like exercising caution when receiving unsolicited, unexpected, or suspicious emails, keeping antivirus software and operating systems up to date and enabling advanced account security features, like 2FA, if available. Use strong passwords for all your accounts, always log out of your online banking session when finished, enable account login notifications, if available, monitor bank statements regularly for suspicious activity and notify your financial institution of any strange behavior while using their service, it is recommended.