Awareness on Online Banking Cyber Crime

Computer crime has been defined as “any illegal unethical or unauthorized behavior involving automatic processing or transmission of data”. 

Types of Cyber Crime

Phishing

Very high is the number of phishing attacks against financial institutions, especially banks. What cyber criminals are after are, of course, all types of sensitive information such as account credentials, transfer history etc.

A classic phishing attack consists in tricking the user into divulging personal banking data through fake emails. Attackers direct the recipient to a replicated website looking like the real bank site and encourage them to “login” or submit their information via ad hoc forms.

APWG Global Phishing Survey reports that almost half of 2012 phishing attacks targeted shared hosting spaces as cyber criminals seek large scale phishing attack opportunities.

Pierluigi Paganini of Infosec Institute advocates prevention is better than curing in this case, and suggests a few guidelines to fight the phenomenon:

• Verify online accounts regularly;
• Never divulge personal information via phone or on insecure websites;
• Don’t click on links, download files, or email attachments from unknown senders;
• Beware of pop-ups. Never enter personal information in a pop-up screen.

Watering hole

Watering hole cyber crime is an evolution of phishing. Instead of trying to convince users to visit a certain website, this technique involves injecting malicious code onto specific web pages, and waiting for visitors to be “infected”. Exploit kits to compromise websites are available in the black market.

“Targeting a specific website is much more difficult than merely locating websites that contain a vulnerability. The attacker has to research and probe for a weakness on the chosen website. Indeed, in watering hole attacks, the attackers may compromise. Once compromised, the attackers periodically connect to the website to ensure that they still have access”

A famous watering hole attack is the one against South Korean banks happened in March 2013. Most banks had to interrupt their service due to data loss and servers issues, costing them millions and reputation damage.

Pharming

What happens when cyber criminals want to target more web savvy users? Preventing is better than curing, but sometimes criminal techniques are just too advanced for 99.9% of online banking users. Pharming (from “farming” and “phishing”) is based on banks’ URL hijacking: when people try to enter their actual bank site, a redirection to another site occurs (see Palizine diagram).

Experts say it’s one of the most difficult and advanced cyber crime techniques, but still possible via:

• DNS Cache Poisoning
• Hosts File Modification

Credit card redirection

The nightmare of ecommerce websites is the redirection of their users to domains managed by cyber attackers. Credit cards redirection allows criminals to steal money and sell precious sensitive information in the black market.

MITB: Man In The Browser

Online banking experts say this is a huge threat to banks and their clients. MITB is regarded as one of the most effective cyber crime strategies, and costed billions to banks all over the world in 2012 and 2013. A malware infects the browser of the victim, looking like a plugin, browser extension or Active-X control, and modifies online transactions to steal funds, without being detected.

Here some of the most common trojans found:

• Zeus is spread via phishing schemes and used to acquire illegally bank credentials via MITB techniques. First detected 6 years ago, it attacked US government websites and despite FBI intervention and hundreds of millions in damage, it is still a menace for online banking professionals. Real time statistics on Zeus malware can be accessed at Zeus Tracker.
• Carberp is a famous bank account takeover malware which does not need admin authentication to be installed and therefore bypasses Windows security systems. The source code is leaked. Security industry experts say it’s a powerful menace to online banking. 
• Sinowal is “a malicious application that allows hackers to remotely access you computer system letting them modify files, steal personal information and install more unwanted software” (AVG).
• Clampi has been around since 2008, affecting Microsoft computers and stealing from thousands of websites. SecureWorks regards Clampi as one of the most professional and profitable cyber crime operations of all times.

DDoS attacks

DDoS attacks represent another threat to online banking sites. Operation “Ababil” by Izz ad-Din al-Qassam Cyber Fighters hacktivists attacked top US banks such as U.S. Bankcorp, PNC, SunTrust, JPMorgan, and Bank of America. What’s unique about DDoS attacks is that it does not employ botnets, but rather volunteers, making it difficult to detect anomalous traffic and deal with the attack.

1. Volume Based Attacks – The attacker tries to saturate the bandwidth of the target’s website by flooding it with a huge quantity of data.
2. Protocol Attacks – The attacker’s goal is to saturate the target servers’ resources or those of intermediate communication equipment (e.g., load balancers) by exploiting network protocol flaws.
3. Application Layer (Layer 7) Attacks – Designed to exhaust the resource limits of web services, application layer attacks target specific web applications, flooding them with a huge quantity of HTTP requests that saturate a target’s resource

 Prevention of Cyber Crime 

1. Avoid disclosing your identity to any strangers. 
2. Always use latest antivirus software to guard against virus attacks. 
3. Never send your credit card number to any site which is not secured.
4. Use of firewall 
5. Change passwords frequently 
6. Uninstall unnecessary software