Skip to main content

How to rob a bank with phishing and malware

OK, I know I keep going on about email phishing, but unfortunately, it's on the increase. Last year Google Research produced a report in which they identified that 12.4 million individuals have potentially been the victim of phishing with over 1.9 billion usernames and passwords readily available on the blackmarket. To help combat phishing and other security attacks Google recently released updates to it's G Suite, GCP and Chrome Enterprise products. These updates include more proactive phishing and malware detection using Machine Learning.

As an example of how cybercriminals are using phishing attacks here is an infographic and article from Europol on how the cybercriminals responsible for the Carbanak and Cobalt malware attacks targetted over 100 financial institutes and stole over 1 billion euros!

Source: Europol
The attacks all started with simple spear phishing emails sent to bank employees. These emails, impersonated legitimate companies and customers of the bank, had malicious malware attached. Once downloaded, the malicious code allowed the criminals to remotely control the victims’ infected machines, giving them access to the internal banking network which they used to then infect the servers controlling ATMs, manipulate bank records, and transfer money from one account to another. 

There is no doubt that these were well-coordinated and sophisticated attacks, however as the method of deploying the malware was via a spear phishing attack it could have been prevented. All staff need to be aware of how phishing attacks work, and what to look for. Here are my top five things you can do to improve cybersecurity


Comments

Popular posts from this blog

GDPR Compliance - The Sky Is Falling

Over the past few months, I've been speaking to more and more business owners about their concerns regarding GDPR (General Data Protection Regulation), which becomes law on 25th May 2018.

The concerns appear to come from misinformation and fake news over GDPR. There are the scaremongers, reporting on the increase fines that an organisation could face. While it's true GDPR has increased the levels of fines to 2% of an organisation’s global turnover, and for more severe incidents €20 million or 4% of turnover, whichever is the larger, it's unlikely that fines will rocket. Elizabeth Denham, the information commissioner for the UK, stated in a recent blog,

it’s scaremongering to suggest that we’ll be making early examples of organisations for minor infringements or that maximum fines will become the norm. Denham continued to say that; "The ICO’s commitment to guiding, advising and educating organisations about how to comply with the law will not change under the GDPR. We h…

Amazon Echo v Google Home - Family Review

With Christmas just around the corner, my inbox and messenger have started to fill up with messages from friends and family - not to wish me well, but instead to ask me which personal/home assistant device they should purchase.
With both Google and Amazon reducing the price of these devices for Black Friday it seems that everyone is getting on the bandwagon.
Having had both Google Home and Amazon Echo for a while I thought it was about time I came off the fence and give my recommendation, but then I realized that there are hundreds of technical reviews out there already, so instead, I've decided to ask my family which device they prefer and why. 
So here it is, the Lees' family review of both the Google Home (and mini) and Amazon Echo. But before we begin let me quickly introduce the family. My wife, Lianne and I have two kids, Molly who is 15 and Harry 10. We have several Smart TV's, Chromecast devices and even a Chromebit. The house is also full of IoT devices from Phil…

Google release new touch-screen Google Home

Well, that's a headline I long to read. Unfortunately, Google has lagged behind in the personal assistant device game for some time now. In September of this year, Amazon announced a plethora of new Alexa powered devices, which are now hitting stores.

The Echo Show, which enables video calling.The Echo Look, which is intended for fashionistas.The Echo Spot, which is like a really fancy alarm clock.The Amazon Tap,  aka portable Echo.

We all hoped that the Google announcement a few weeks later would bring something exciting and disruptive to steal the thunder from Amazon, but unfortunately, we got a pebble (Google Home Mini), and large square speaker (Google Home Max), and some new colours for the existing air purifier (aka Google Home).
All extremely underwhelming. Sorry Google, but I was expecting video calling, I was expecting Youtube videos, I was hoping to search through my photos, I was at least expecting two-way communication between devices! I'm not saying I don't li…
Related Posts Plugin for WordPress, Blogger...