Global mobile banking malware attacks rose by 32% in 2023




Kaspersky has released its annual Financial Threats Report for 2023, offering a detailed analysis of the evolving financial cyberthreat landscape. The report reveals significant increases in mobile banking malware and cryptocurrency-related phishing, signaling growing threats to digital financial assets. 

The previous 12-months has witnessed a substantial rise in the number of users encountering mobile banking Trojans, with attacks on Android users surging by 32% – contrary to 2022. The most prevalent banking trojan was Bian.h, accounting for 22% of all Android attacks. Geographically, Afghanistan, Turkmenistan, and Tajikistan recorded the highest share of users encountering banking Trojans, with Turkiye leading mobile banking malware attacks, with almost 3% of users affected (2.98%).

Number of Android users attacked by banking malware by month, 2022 – 2023

While the number of users affected by financial PC malware saw an 11% decline in 2023, Ramnit and Zbot were identified as the predominant malware families, targeting more than 50% of affected users. Consumers continued to be the primary target, comprising 61.2% of all attacks.

In 2023, financial phishing remained a significant threat, accounting for 27.32% of all phishing attacks on corporate users and 30.68% on home users. E-shop brands were identified as the top lure, with 41.65% of financial phishing attempts. Additionally, PayPal phishing represented 54.78% of phishing pages targeting electronic payment system users. The report also highlighted a 16% year-on-year growth in cryptocurrency phishing, with 5.84 million detections in 2023 compared to 5.04 million in 2022.

E-shop phishing was identified as the most prevalent, recording 41.65% of all financial phishing pages. Amazon emerged as the most mimicked online store, accounting for 34% of phishing attempts, followed by Apple at 18.66% and Netflix at 14.71%. PayPal was the most targeted payment system, with 54.73% of attacks.

Cryptocurrency-related phishing and scams continued to grow, with Kaspersky preventing 5,838,499 attempts to follow cryptocurrency-themed phishing links – a 16% increase on 2022. Scammers mimicked cryptocurrency exchanges and offered coins in the name of large enterprises like Apple.

“Money has always been a magnet for cybercriminals, and a substantial portion of malware attacks are financially motivated. The surge in mobile malware witnessed last year highlights a concerning trend in cybercrime. With the emergence of new and aggressive malware strains, attackers are evolving their tactics to target mobile devices more aggressively. This underscores the imperative for individuals and businesses to maintain heightened vigilance, update protective measures, and fortify device security accordingly,” commented Igor Golovin, a security expert at Kaspersky.

To stay safe from mobile malware, Kaspersky recommends:

  • It’s safer to download your apps only from official stores like Google Play or Amazon Appstore. Apps from these markets are not 100% failsafe, but they get checked by shop representatives and there is some filtration system — not every app can get into these stores.
  • Check the permissions of the apps that you use and think carefully before permitting an app, especially when it comes to high risk permissions such as permission to use Accessibility Services.
  • A reliable security solution can help you to detect malicious apps and adware regardless of their obfuscation techniques before they can start behaving badly on your device.
  • A good piece of advice is to update your operating system and important apps as updates become available. Many safety issues can be solved by installing updated versions of software.

Advert:




Be the first to comment

Leave a Reply

Your email address will not be published.


*


This site uses Akismet to reduce spam. Learn how your comment data is processed.