ProXPN Threat Report

There has been a lot of new phishing malware since June this year that poses a grave threat to all internet users. Mobile users are particularly vulnerable without internet protection software. Wire fraud and Automated Clearing House phishing attacks also continue to plague banks. They have increased security, but scammers are still getting through.

Phishing Malware Attacks

Forms of malware have been developed that can travel over standard mobile and internet routes. This new breed of malware can beat two-factor authentication. One example is the Trojan known as Eurograbber. Eurograbber in different forms like Zeus, SpyEye, and CarBerp enabled cybercriminals to steal tens of millions of US dollars last year, and even more from over 30,000 bank customers in Europe.

The Process

Two-factor identity validation was set up by banks to strengthen security for customers in case of misplaced credentials or weak passwords that lead to account compromise. The bank would send a Transaction Authentication Number (TAN) through SMS to a customer’s mobile phone that is entered to confirm the online banking transaction. Eurograbber was designed to get around this once the malware is installed on their computers. The attack starts with malware infection from phishing emails and websites. The silently downloaded Trojan then detects a customer login and requests the mobile number and instructs the customer to follow a link that downloads the Zeus in the mobile (ZITMO) Trojan. The TAN authentication is now intercepted by the attackers and they have access to all the funds in that account. These attacks are very well organized with powerful C&C attacker servers. And the customers can’t know that their online transactions were compromised until they see their accounts are empty.

Banks Struggling with ACH and Wire Fraud

Banks around the world have been trying to upgrade their online security to protect customers from fraud. But many accounts are still being accessed by cybercriminals and their contents emptied. As banks put up security measures, attackers adapt and find ways around them. This game of cat and mouse is not likely to end. So security experts recommend that consumers who insist on banking online equip themselves with additional security measures on their end.
One attack scenario involves DDoS attacks that are commonly seen as mere annoyances by companies. An attacker would do a DDoS test run to see if his or her controlled botnet, like Dirt Jumper, could compromise a certain bank website. If yes, then the attacker would identify a compromised account, then make an unauthorized wire transfer or an ACH transfer. Then another DDoS attack would follow to cover the trail. DDoS attacks are great distractions that buy attackers the time needed to make sure the transfer is successful.

Defeating Account Compromise

Staying safe from the Eurograbber Trojan and unauthorized wire and ACH transfers begins with securing online browsing. If a user can mask online activities and defeat malware, the attackers cannot begin to compromise their computers and bank accounts. A VPN like that provided by ProXPN and other top VPN providers can secure these activities. ProXPN explains that when connected through a VPN to the internet, the VPN servers provide malware protection. The servers detect and block malware from websites that seek to infect user computers. The VPN also encrypts user data and traffic so it cannot be read by anyone else. This encrypted data is then sent through a private tunnel to the VPN server so it cannot be intercepted. The user’s IP address is also hidden, so attackers can’t see what sites, like online banking portals, the users are visiting. This way, users can bank in peace without facing the dangers of phishing scams.

Rank VPN Provider Starting Price Money Back Guarantee
Visit Provider Site
1 Express VPN $6.67/ Month 30 Days visit expressvpn
2 $6.55/ Month 30 Days visit expressvpn
3 IpVanish VPN $10.00/ Month 7 Days visit ipvanish
4 $21/ 3 Months 7 Days visit strongvpn
5
Vypr VPN
$14.95/Month 7 Days visit vyprvpn
VN:F [1.9.22_1171]
VN:F [1.9.22_1171]
Filed in: News

Get Updates

Share This Post

Recent Posts

Leave a Reply

Submit Comment

© Best VPN Service. All rights reserved.