Banking Trojans are actively targeting online users of popular consumer brands this Cyber Monday, according to new research from Kaspersky Lab.
The security firm detected 9.2 million attempted attacks by the end of Q3, 2018, compared to 11.2 million for the whole of 2017, with detections for one malware family up by 34%.
Traditionally, banking Trojans target mostly users of online financial services, however, several of these banking Trojans have enhanced their functionality and reach to target the data and credentials of online shoppers, with half of the online shops attacked being well known consumer brands including fashion, footwear, gifts, toys and department stores.
“We’ve seen credential-stealing banking malware attacks before, but attacks are increasing in number; and the money spent online on Cyber Monday provides a perfect opportunity for cybercriminals employing these tactics,” said David Emm, Principal Security Researcher at Kaspersky Lab.
“Whereas banking Trojans target mostly individuals of online financial services, some of these malware families are now hunting for data related to online shopping accounts. These Trojans intercept data entered on a shop’s payment page, meaning that cybercriminals are able to reap the rewards of shoppers who are not aware that they are conducting transactions on an infected device.
“It’s important that consumers take extra caution when shopping online today on Cyber Monday. By taking some simple steps – securing devices used to shop online, applying updates to the operating system and applications as soon as they become available, double checking the integrity of an online retailer’s website before entering or downloading any data and not clicking on links in messages – the risk can be dramatically reduced during the busy shopping season.”
Kaspersky Lab advises the following when shopping online today:
- Protect all of your devices with a good internet security product that applies updates to your operating system and applications as soon as they become available.
- Make sure that if you’re online, you’ve got a trusted connection. If it’s not a trusted Wi-Fi connection, don’t do any confidential transactions.
- Don’t respond to links or attachments in unsolicited emails or other messages.
- Make sure you are using unique, hard to guess passwords for every single online account.
- Remember: if a deal looks too good to be true, then it probably is.
Entries for the 2019 PCR Awards are now open. Submit your entries here before Dec 10th for a chance to win!