Banking - Cyber Security Informer

Bizarro Banking Trojan

Schneier on Security

MAY 20, 2021

Bizarro is a new banking trojan that is stealing financial information and crypto wallets. …the program can be delivered in a couple of ways — either via malicious links contained within spam emails, or through a trojanized app.

Banking

Banking Malware Accountability

Details of a Computer Banking Scam

Schneier on Security

MARCH 22, 2021

This is a longish video that describes a profitable computer banking scam that’s run out of call centers in places like India. And three, it’s an evolving tactic that gets around banks increasingly flagging blocking suspicious electronic transfers.

Scams

Scams Banking Computers and Electronics Social Engineering

SMS About Bank Fraud as a Pretext for Voice Phishing

Krebs on Security

NOVEMBER 10, 2021

Smishing messages usually include a link to a site that spoofs a popular bank and tries to siphon personal information. But increasingly, phishers are turning to a hybrid form of smishing — blasting out linkless text messages about suspicious bank transfers as a pretext for immediately calling and scamming anyone who responds via text.

Banking

Banking Phishing Scams Accountability

Report: Big U.S. Banks Are Stiffing Account Takeover Victims

Krebs on Security

OCTOBER 7, 2022

consumers have their online bank accounts hijacked and plundered by hackers, U.S. But new data released this week suggests that for some of the nation’s largest banks, reimbursing account takeover victims has become more the exception than the rule. Bank , and Wells Fargo. ” Sen.

Banking

Banking Accountability Scams Passwords

Exploring the Overlap: Cost Optimization and Digital Transformation

Speaker: Alex Jiménez, Managing Principal, Financial Service Consulting for EPAM

From a budget standpoint, US banks are feeling the pinch. Many US banks are bracing for increased defaults and lower demand for mortgages and other loans as interest rates have increased. The largest banks have increased reserves to protect against deteriorating economic conditions. Global economic conditions are soft at best.

Digital transformation

Cybercrime Rapper Sues Bank over Fraud Investigation

Krebs on Security

AUGUST 7, 2024

That story showed how Punchmade’s social media profiles promoted Punchmade-themed online stores selling bank account and payment card data. On June 26, Turner filed a pro se lawsuit against PNC Bank , alleging “unlawful discriminatory and tortuous action” after he was denied a wire transfer in the amount of $75,000.

Banking

Banking Cybercrime Accountability Retail

Scammers Sent Uber to Take Elderly Lady to the Bank

Krebs on Security

AUGUST 4, 2022

Email scammers sent an Uber to the home of an 80-year-old woman who responded to a well-timed email scam, in a bid to make sure she went to the bank and wired money to the fraudsters. So they sent her some information about where to wire the money, and asked her to go to the bank.

Banking

Banking Scams Accountability Passwords

Is Your Chip Card Secure? Much Depends on Where You Bank

Krebs on Security

JULY 30, 2020

More recently, researchers at Cyber R&D Labs published a paper detailing how they tested 11 chip card implementations from 10 different banks in Europe and the U.S. As both Gemini and Visa have noted, in both cases proper iCVV verification from banks should render this intercepted EMV data useless to crooks. Source: RCMP.

Banking

Banking Malware Encryption Accountability

Tenable: 26,500 Cyber Vulnerabilities Risk SE Asia’s Banks

Tech Republic Security

SEPTEMBER 6, 2024

Tenable's research reveals 26,500 cyber vulnerabilities in Southeast Asia's banking and insurance sectors, exposing critical security risks.

Banking

Banking Risk Insurance Financial Services

Everything You Need to Know About Crypto

Speaker: Ryan McInerny, CAMS, FRM, MSBA - Principal, Product Strategy

May 18th, 2023 at 9:30 am PDT, 12:30 pm EDT, 5:30 pm BST

Cryptocurrency

Hackers stole millions of dollars from Uganda Central Bank

Security Affairs

NOVEMBER 30, 2024

Financially-motivated threat actors hacked Uganda ‘s central bank system, government officials confirmed this week. Ugandan officials confirmed on Thursday that the national central bank suffered a security breach by financially-motivated threat actors. The Daily Monitor newspaper reported that the attackers stole 47.8

Banking

Banking Government Accountability Hacking

Android malware FakeCall intercepts your calls to the bank

Malwarebytes

OCTOBER 31, 2024

An Android banking Trojan called FakeCall is capable of hijacking the phone calls you make to your bank. Instead of reaching your bank, your call will be redirected to the cybercriminals. The Trojan accomplishes this by installing itself as the default call handler on the infected device.

Banking

Banking Malware Phishing Risk

Banks Must Report Cyber Incidents Beginning in May 2022

Lohrman on Security

DECEMBER 12, 2021

financial institutions are leaders in global cyber defense. Recently approved rules will mandate the reporting of security incidents next year. We explore the topic with cybersecurity expert Michael McLaughlin.

Banking

Banking Cybersecurity

IBM X-Force Report: Grandoreiro Malware Targets More Than 1,500 Banks in 60 Countries

Tech Republic Security

MAY 23, 2024

Find out how Grandoreiro banking trojan campaigns work and the countries targeted, as well as how to mitigate this malware threat.

Banking

Banking Malware Social Engineering Cryptocurrency

The Anti-Money Laundering Act of 2020: Initial Catalysts, Current Implications, and Future Impacts

Speaker: Elizabeth "Paige" Baumann, Founder and CEO of Paige Baumann Advisory, LLC

Paige Baumann will walk us through the impacts of the AMLA, and you'll leave this session with a new understanding of: The catalysts for this new law and how it amended the Bank Secrecy Act of 1970 Rulemaking and other actions taken by the U.S. The AMLA represents the most significant changes in U.S.

Banking

New version of Android malware FakeCall redirects bank calls to scammers

Security Affairs

OCTOBER 30, 2024

The latest FakeCall malware version for Android intercepts outgoing bank calls, redirecting them to attackers to steal sensitive info and bank funds. The malware allows operators to steal bank users’ sensitive information and money from their bank accounts. ” reads the report published by Zimperium.

Banking

Banking Malware Accountability Phishing

Deepfake Video of Central Bank Governor and Journalist Promotes Fraudulent Investment Opportunity

Joseph Steinberg

SEPTEMBER 5, 2024

Reinesch and Zenners, the two people seen in the video, however, never discussed such a project, because the central bank has no so project; “the project” in question is nothing more than a scam created by criminals.

Banking

Banking Artificial Intelligence Scams Cryptocurrency

How to Offer Secure IVR Banking and Authenticate Callers

Tech Republic Security

AUGUST 8, 2024

Discover how to safeguard IVR banking from hackers and implement secure authentication methods for customer protection. Find out how these digital alternatives benefit both customers and agents.

Banking

Banking Authentication Software Network Security

Ukraine’s cyber operation shut down the ATM services of major Russian banks

Security Affairs

JULY 27, 2024

Ukraine launched a massive cyber operation that shut down the ATM services of the biggest Russian banks on July 27, reported the Kyiv Post. Ukraine has launched a massive cyberattack against ATMs of Russian banks, the cyber operation began on July 23. reported the KyivPost.

Banking

Banking Mobile Hacking Internet

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Does our bank understand and support the importance of a strong ERM program to continue to position our company for growth? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk? Are we leveraging risk velocity and vulnerability to obtain more granular residual risk results?

Banking

Fintech Giant Fiserv Used Unclaimed Domain

Krebs on Security

MARCH 17, 2021

Here’s the story of one such goof committed by Fiserv [ NASDAQ:FISV ], a $15 billion firm that provides online banking software and other technology solutions to thousands of financial institutions. Vegh could see the message from his bank referenced a curious domain: defaultinstitution.com.

Banking

Banking Accountability Software Mobile

ToxicPanda Android banking trojan targets Europe and LATAM, with a focus on Italy

Security Affairs

NOVEMBER 5, 2024

The ToxicPanda Android malware has infected over 1,500 devices, enabling attackers to perform fraudulent banking transactions. Cleafy researchers spotted a new Android banking malware, dubbed ToxicPanda, which already infected over 1,500 Android devices. ” reads the report published by Cleafy.

Banking

Banking Malware Accountability Authentication

Credit Card Fraud That Bypasses 2FA

Schneier on Security

SEPTEMBER 20, 2022

And bank cards can be stopped. Once they have the phone and the card, they register the card on the relevant bank’s app on their own phone or computer. That verification passcode is sent by the bank to the stolen phone. Once accepted, they have control of the bank account.

Banking

Banking Accountability Passwords Authentication

This $3,000 Android Trojan Targeting Banks and Cryptocurrency Exchanges

The Hacker News

DECEMBER 5, 2024

As many as 77 banking institutions, cryptocurrency exchanges, and national organizations have become the target of a newly discovered Android remote access trojan (RAT) called DroidBot.

Cryptocurrency

Cryptocurrency Banking Spyware

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

As a result, data protection needs to be a concern for most banks, businesses, and information technology specialists. million attacks, the threat marked a 148% increase compared to 2020 and was the most expensive year on record! It’s mindboggling, but right now for 49% of respondents, cybersecurity is their primary business concern.

Ransomware

When in Doubt: Hang Up, Look Up, & Call Back

Krebs on Security

APRIL 23, 2020

Instead, she calmly assured him the bank would reverse the fraudulent charges and said they’d be sending him a new debit card via express mail. The following day, Mitch received another call about suspected fraud on his bank account. Also, the Friday call helped to set up the bigger heist the following day.

Banking

Banking Scams Accountability Phishing

Fraud on Zelle

Schneier on Security

MARCH 9, 2022

Other types of bank transfers or transactions involving payment cards typically take at least a day to clear. There’s no way for customers — and in many cases, the banks themselves — to retrieve the money. […]. Bank and Wells Fargo. It’s not clear who is legally liable for such losses.

Banking

Banking Scams

The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back

Krebs on Security

NOVEMBER 19, 2021

One of the more common ways cybercriminals cash out access to bank accounts involves draining the victim’s funds via Zelle , a “peer-to-peer” (P2P) payment service used by many financial institutions that allows customers to quickly send cash to friends and family. “Members don’t have to request to use Zelle.

Scams

Scams Banking Passwords Authentication

New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers

The Hacker News

NOVEMBER 5, 2024

Over 1,500 Android devices have been infected by a new strain of Android banking malware called ToxicPanda that allows threat actors to conduct fraudulent banking transactions.

Banking

Banking Malware Accountability

Hackers stole millions of dollars from Uganda Central Bank

Security Affairs

NOVEMBER 30, 2024

Financially-motivated threat actors hacked Uganda ‘s central bank system, government officials confirmed this week. Ugandan officials confirmed on Thursday that the national central bank suffered a security breach by financially-motivated threat actors. The Daily Monitor newspaper reported that the attackers stole 47.8

Banking

Banking Government Accountability Hacking

Crooks bank on Microsoft’s search engine to phish customers

Malwarebytes

NOVEMBER 4, 2024

We identified a new wave of phishing for banking credentials that targets consumers via Microsoft’s search engine. Multi-factor authentication is still highly recommended, but users should be aware that criminals can directly ask for verification codes while pretending to be the real bank.

Engineering

Engineering Phishing Banking Authentication

TrickMo Android Trojan Exploits Accessibility Services for On-Device Banking Fraud

The Hacker News

SEPTEMBER 13, 2024

Cybersecurity researchers have uncovered a new variant of an Android banking trojan called TrickMo that comes packed with new capabilities to evade analysis and display fake login screens to capture victims' banking credentials.

Banking

Banking Cybersecurity

BingoMod Android RAT steals money from victims’ bank accounts and wipes data

Security Affairs

JULY 31, 2024

BingoMod is a new Android malware that can wipe devices after stealing money from the victims’ bank accounts. Researchers at Cleafy discovered a new Android malware, called ‘BingoMod,’ that can wipe devices after successfully stealing money from the victims’ bank accounts.

Banking

Banking Accountability Malware Mobile

Disneyland Malware Team: It’s a Puny World After All

Krebs on Security

NOVEMBER 16, 2022

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode , an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic. Bank customers. Bank customers.

Malware

Malware Banking Phishing DDOS

New Octo2 Android Banking Trojan Emerges with Device Takeover Capabilities

The Hacker News

SEPTEMBER 24, 2024

Cybersecurity researchers have discovered a new version of an Android banking trojan called Octo that comes with improved capabilities to conduct device takeover (DTO) and perform fraudulent transactions.

Banking

Banking Malware Cybersecurity

Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack

The Hacker News

OCTOBER 16, 2024

A new spear-phishing campaign targeting Brazil has been found delivering a banking malware called Astaroth (aka Guildma) by making use of obfuscated JavaScript to slip past security guardrails.

Banking

Banking Phishing Malware Retail

Many Public Salesforce Sites are Leaking Private Data

Krebs on Security

APRIL 27, 2023

A shocking number of organizations — including banks and healthcare providers — are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. Huntington Bank has disabled the leaky TCF Bank Salesforce website.

Banking

Banking Government Information Security Authentication

Would You Have Fallen for This Phone Scam?

Krebs on Security

APRIL 28, 2020

But you probably didn’t know that these fraudsters also can use caller ID spoofing to trick your bank into giving up information about recent transactions on your account — data that can then be abused to make their phone scams more believable and expose you to additional forms of identity theft.

Scams

Scams Banking Accountability Financial Services

TrickMo Banking Trojan Can Now Capture Android PINs and Unlock Patterns

The Hacker News

OCTOBER 15, 2024

New variants of an Android banking trojan called TrickMo have been found to harbor previously undocumented features to steal a device's unlock pattern or PIN. This new addition enables the threat actor to operate on the device even while it is locked," Zimperium security researcher Aazim Yaswant said in an analysis published last week.

Banking

Disrupting Ransomware by Disrupting Bitcoin

Schneier on Security

JULY 26, 2021

Without this payment channel, they write, the major ransomware epidemic is likely to vanish, since the only payment alternatives are suitcases full of cash or the banking system, both of which have severe limitations for criminal enterprises. Or gives out their banking details. This is where it gets interesting.

Ransomware

Ransomware Cryptocurrency Banking Accountability

Fooling a Voice Authentication System with an AI-Generated Voice

Schneier on Security

MARCH 1, 2023

A reporter used an AI synthesis of his own voice to fool the voice authentication system for Lloyd’s Bank.

Authentication

Authentication Banking Artificial Intelligence

New Grandoreiro Banking Malware Variants Emerge with Advanced Tactics to Evade Detection

The Hacker News

OCTOBER 23, 2024

New variants of a banking malware called Grandoreiro have been found to adopt new tactics in an effort to bypass anti-fraud measures, indicating that the malicious software is continuing to be actively developed despite law enforcement efforts to crack down on the operation.

Banking

Banking Malware Software

PIN-Stealing Android Malware

Schneier on Security

JANUARY 9, 2024

This is an old piece of malware—the Chameleon Android banking Trojan—that now disables biometric authentication in order to steal the PIN : The second notable new feature is the ability to interrupt biometric operations on the device, like fingerprint and face unlock, by using the Accessibility service to force a fallback to PIN or password (..)

Malware

Malware Banking Passwords Authentication

Rocinante Trojan Poses as Banking Apps to Steal Sensitive Data from Brazilian Android Users

The Hacker News

SEPTEMBER 3, 2024

Mobile users in Brazil are the target of a new malware campaign that delivers a new Android banking trojan named Rocinante. Finally, it can use all this exfiltrated

Banking

Banking Mobile Phishing Malware

Bizarro Banking Trojan

Details of a Computer Banking Scam

Trending Sources

SMS About Bank Fraud as a Pretext for Voice Phishing

Report: Big U.S. Banks Are Stiffing Account Takeover Victims

Exploring the Overlap: Cost Optimization and Digital Transformation

Cybercrime Rapper Sues Bank over Fraud Investigation

Scammers Sent Uber to Take Elderly Lady to the Bank

Is Your Chip Card Secure? Much Depends on Where You Bank

Tenable: 26,500 Cyber Vulnerabilities Risk SE Asia’s Banks

Everything You Need to Know About Crypto

Hackers stole millions of dollars from Uganda Central Bank

Android malware FakeCall intercepts your calls to the bank

Banks Must Report Cyber Incidents Beginning in May 2022

IBM X-Force Report: Grandoreiro Malware Targets More Than 1,500 Banks in 60 Countries

The Anti-Money Laundering Act of 2020: Initial Catalysts, Current Implications, and Future Impacts

New version of Android malware FakeCall redirects bank calls to scammers

Deepfake Video of Central Bank Governor and Journalist Promotes Fraudulent Investment Opportunity

How to Offer Secure IVR Banking and Authenticate Callers

Ukraine’s cyber operation shut down the ATM services of major Russian banks

ERM Program Fundamentals for Success in the Banking Industry

Fintech Giant Fiserv Used Unclaimed Domain

ToxicPanda Android banking trojan targets Europe and LATAM, with a focus on Italy

Credit Card Fraud That Bypasses 2FA

This $3,000 Android Trojan Targeting Banks and Cryptocurrency Exchanges

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

When in Doubt: Hang Up, Look Up, & Call Back

Fraud on Zelle

The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back

New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers

Hackers stole millions of dollars from Uganda Central Bank

Crooks bank on Microsoft’s search engine to phish customers

TrickMo Android Trojan Exploits Accessibility Services for On-Device Banking Fraud

BingoMod Android RAT steals money from victims’ bank accounts and wipes data

Disneyland Malware Team: It’s a Puny World After All

New Octo2 Android Banking Trojan Emerges with Device Takeover Capabilities

Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack

Many Public Salesforce Sites are Leaking Private Data

Would You Have Fallen for This Phone Scam?

TrickMo Banking Trojan Can Now Capture Android PINs and Unlock Patterns

Disrupting Ransomware by Disrupting Bitcoin

Fooling a Voice Authentication System with an AI-Generated Voice

New Grandoreiro Banking Malware Variants Emerge with Advanced Tactics to Evade Detection

PIN-Stealing Android Malware

Rocinante Trojan Poses as Banking Apps to Steal Sensitive Data from Brazilian Android Users

Stay Connected