Phishing attacks are the most common form of internet fraud. They are designed to trick people into providing sensitive personal information such as, details of credit cards and bank accounts. The major financial institutions in the world are the target of these scams.
Over one-third of banks are subject to phishing. According to a survey of the cyber-security specialist Kaspersky Lab, every fifth phishing attack registered from May 2012 to April 2013 was aimed at banks and financial institutions. The results were confirmed indirectly by the banks themselves. About 37% of banks admitted that they had been subject to phishing attacks at least once in the past 12 months.
The cybercriminals’ increased interest in banks and e-commerce is not surprising. Phishers make money by imitating banks’ web pages, popular online stores or by stealing and selling the victims’ personal data. The scammers usually persuade people to provide financial information by sending an email that is a complete copy of the selected company’s emails. The recipients of the email are asked to open a hyperlink to an identical fake website and enter their personal information (bank account, phone number etc.). Sometimes the victims are asked to enter their username and password or their bank account number in the email itself. A Trojan horse attached to the email will be downloaded and will collect and send the personal information to phishers.
According to Kaspersky Lab, the attacks against personal data and people’s savings could be prevented through solutions composed of technologies protecting all transactions in online banking systems. Last month, Kaspersky announced its plan to develop a solution, Safe Money for Banks, which will prevent online customers from financial cyber-attacks. Safe Money for Banks is currently in the testing stage and the final version will be released in 2014.
Etudiante en M2 Droit de l’économie numérique à l’Université de Strasbourg