Mobile banking, online shopping on hit list of cyber scammers

Islamabad: Kaspersky has released its annual Financial Threats Report for 2023, offering a detailed analysis of the evolving financial cyberthreat landscape. The report reveals significant increases in mobile banking malware and cryptocurrency-related phishing, signaling growing threats to digital financial assets.
The previous 12 months has witnessed a substantial rise in the number of users encountering mobile banking Trojans, with attacks on Android users surging by 32% – contrary to 2022.

• Users encountering mobile banking Trojans, with attacks on Android users surged by 32% – contrary to 2022
• Users affected by financial PC malware saw an 11% decline in 2023
• Online store users were targeted the most with 41.65% of cyberattacks, followed by banks with 38.47% and payment systems at 19.88%
• Amazon emerged as the most mimicked online store, followed by Apple and Netflix

While the number of users affected by financial PC malware saw an 11% decline in 2023, Ramnit and Zbot were identified as the predominant malware families, targeting more than 50% of affected users. Consumers continued to be the primary target, comprising 61.2% of all attacks. In 2023, online fraudsters continued to lure users to phishing and scam pages that mimicked the websites of popular brands and financial organizations. The attackers employed social engineering techniques to trick victims into sharing their financial data or making a payment on a fake page. Overall, among the three major financial phishing categories, online store users (41.65%) were targeted the most, followed by banks with 38.47% and payment systems at 19.88%.

The most frequently impersonated e-commerce site was Amazon, which was mimicked in more than one third (34%) of all online store phishing attempts. Apple came in second with 18.66% of fraudulent pages, followed by Netflix, with 14.71%.

Financial phishing remained a significant threat, accounting for 27.32% of all phishing attacks on corporate users and 30.68% on home users. E-shop brands were identified as the top lure, with 41.65% of financial phishing attempts. Additionally, PayPal phishing represented 54.78% of phishing pages targeting electronic payment system users. The report also highlighted a 16% year-on-year growth in cryptocurrency phishing, with 5.84 million detections in 2023 compared to 5.04 million in 2022.

“Money has always been a magnet for cybercriminals, and a substantial portion of malware attacks are financially motivated. The surge in mobile malware witnessed last year highlights a concerning trend in cybercrime. With the emergence of new and aggressive malware strains, attackers are evolving their tactics to target mobile devices more aggressively. This underscores the imperative for individuals and businesses to maintain heightened vigilance, update protective measures, and fortify device security accordingly,” commented Hafeez Rehman, Technical group manager at Kaspersky.

To stay safe from mobile malware, Kaspersky recommends to download your apps only from official stores like Google Play or Amazon Appstore A reliable security solution can help you to detect malicious apps and adware regardless of their obfuscation techniques before they can start behaving badly on your device.