The largest banks are preparing for a significant increase in the number of frauds in the coming year
Photo: NEWS/Mikhail Tereshchenko
Internet and mobile banking remain a high risk area for cardholders. This year, the number of network theft due to the negligence of the customers of credit institutions could grow by 30% — this assessment was given in the Zecurion company that specializes on security issues of remote banking services. The Russians have not yet learned to observe basic rules of financial security on the Internet, experts state.
Last year the number of Internet thefts from Bank cards due to the negligence of their owners, reached 107 thousand cases is 43 and 78% more than in 2015 and 2014 respectively. According to expert estimates, 70% of cases the clients themselves understand how the attackers seized their money.
Forecasts for 2017 disappointing: the growth can reach 30%, while the number of thefts — 135-140 thousand cases, according to Zecurion calculations made on the basis of a survey of the 100 largest banks. The company has evaluated the consolidated data of credit institutions for customers who have installed anti-virus software on personal computers or reported their usernames and passwords to log in to your personal account to third parties.
Analysts found that fraudsters often attack computers with viruses, Trojans and get a duplicate SIM-cards, which account for one-time passwords to confirm transactions. Into the hands of the attackers plays the human factor: sometimes clients open the page the Internet Bank, for example, in the office, which increases the risk of access to their personal data by third parties. Quite dangerous to connect to the Internet-Bank and to social networks that do not bear any responsibility for user accounts.
Additional risks, according to experts, creates and active use of smartphones to log into your personal account. A for easy access to the mobile banking prefer to enter the four digit code instead of full usernames and passwords and thereby increase the vulnerability of the application, experts say.
Audience customers online and mobile banking grows, and the level of user awareness on security issues is reduced, — said the head of the Zecurion analytical center Vladimir Ulyanov.
He also gave some advice to those who are actively paying on the Internet. So, to protect against cybervoron need to enter the Internet Bank with a separate computer or a bootable USB drive. It is not necessary to store a lot of money on a plastic card and the balance should be replenished as needed. In addition, the examiner recommends to enter the Internet Bank via open Wi-Fi network.
According to the head of anti-fraud information security Center of the company “infosistemy Dzhet” Alexey Sizov, for online shopping, it is better to have a separate map. Also the interlocutor of the edition recommends to set limits on debit card transactions and for transactions in the Internet Bank.
— And most importantly — careful consideration should be given to any proposals on behalf of the Bank, which proposed to make transactions, to dictate personal information or to undertake questionable actions using a particular service — warns Alexey Sizov. — If you have any suspicions, it is always better to apply independently to the Bank’s contact center at the telephone number listed on the card.
Basic rules of online safety also relevant because the banks are not always willing to reimburse the customers the funds they lost by their own negligence. To protect the customers of credit institutions, the authorities have developed a mechanism of protection against cybervoron: banks will ask for mobile operators information, does one or the other client SIM card. This pattern of interaction was approved at a recent closed meeting with representatives of the Central Bank, the Ministry of communications, and credit institutions.
— Linking the account to the SIM card will help to reduce the total number of thefts from customers, — said the head of security of banking systems Positive Technologies Timur Yunusov. But you should not rely on this tool as a “silver bullet”. Have cybervoron will still be plenty of opportunities for theft — for example, infection of the smartphones to SMS theft, interception of communication by technical means, for example through a fake base station and the cloning of SIM cards.
According to the interlocutor of the edition, hackers can exploit vulnerabilities and disadvantages of banking systems, allowing to bypass two-factor authentication methods using SMS. Criminals enough to pick up the one-time password or any other way to access it.
“Izvestia” wrote that in 2017 the hackers intensify attacks on Russian banks — they sent 30% of actions the Internet-intruders. Slightly less than a third (27%) cyber crimes still occur on the accounts of ordinary citizens. Let the income from them will be significantly less, but the attack difficulty is not comparable with hacking accounts.