Phishing attacks target the financial industry again, the case is in an accelerated rise, as more mobile banking applications are developed. More and more banking customers report banking accounts being losing money and malicious banking transfers that have no sms or one time password (OTP) for authentication and verification, either via the malicious app or link take over the application.
The world is constantly evolving and the way hackers innovate their way is so. Fake website is one, where pointing those who respond for the malicious offer is too cheap to be a true offer, and they require downloading the mobile applications and filling with the bank details.
Another new and smart way is to report in the market, propose, send random to target customers for the said USB that comes with Microsoft Office, the whole package and anything that is look for authenticated. The recipient believes it is sent to the wrong address and then plug in their pc and perform the software installation, and behind the scene, install a malicious application. Modifying the approach is to change to different software or even a smartphone given or let you buy at an extremely low price, and let you believe you are lucky one.
Malicious SMS with the link for the user to click and then hijack the session, or response to a fake website offer, or require you to install their mobile application, all create a lot of new ways hackers can manipulate and expand their attack surface.
Modern applications attempt to make the application and transaction easy to complete, so they are also once vulnerable, making it easy to be manipulated for other purposes.Due to the hacking and compromised is all user driven, as you can imagine, if they do not click or installed malicious applications, it will not be happen in the first place. It is the end user security awareness that is required to increase, but who will be the one willing to offer and absorb the training costs?
Cybersecurity top threats, we have ransomware in one hand, phishing in another, all focus on the end users. Because they are the most easily compromised target, the bigger the target size, statistically to say so, the larger the qualified target that may yield the result. It also calls for the next generation security prevention approach that works for the modern world.
E-SPIN Group in the enterprise ICT solution supply, consultancy, project management, training and maintenance for corporation and government agencies did business across the region and via the channel. Feel free to contact E-SPIN for your project requirement and inquiry.
Related post that may interest you: