As the big annual holiday shopping season gets underway, new Kaspersky Lab research shows that banking Trojans are actively targeting online users of popular consumer brands, stealing credentials and other information through these sites. Kaspersky Lab technologies detected 9.2 million attempted attacks by the end of Q3, 2018, compared to 11.2 for the whole of 2017, with detections for one malware family up by 34%.

 

Half of the online shops attacked were well known consumer apparel brands including fashion, footwear, gifts, toys and department stores. Online shoppers in the US, Italy, Germany, Russia, and emerging markets appear to be particularly at risk.

 

Traditionally, banking Trojans target mostly users of online financial services, looking for financial data to steal, or building botnets out of hacked devices for future attacks. Over time, several of these banking Trojans have enhanced their functionality and reach to target the data and credentials of online shoppers, and obtain root access to their devices.

 

The main malware families stealing from victims through e-commerce brands are Betabot, Panda, Gozi, Zeus, Chthonic, TinyNuke, Gootkit2, IcedID, and SpyEye (where detections were up by 34%).

 

The Trojans target well known e-commerce brands to hunt for user credentials like login, password, card number, phone number, and more. They seize the data from victims by intercepting input data on target sites, modifying the online page content, and/or redirecting visitors to phishing pages.

 

The main findings of the research report include:

 

  • Half (50%) of the brand names targeted by the malware families detected are established high street labels, including fashion, footwear, jewelry, gifts, toys and department stores, followed by consumer electronics brands (12%) and entertainment/gaming (12%).

 

  • Overall, the research found 14 malware families targeting a total of 67 consumer e-commerce sites, which include 33 consumer apparel sites, eight consumer electronics sites, eight entertainment and gaming sites, three popular telecoms sites, two online payment sites, and three online retail platforms, among others.

 

Of these:

 

  • Betabot was found to be targeting 46 different brands, including 16 different consumer apparel brands, four consumer electronics brands and eight entertainment/gaming brands; with most of those affected in Italy (14.13% of users affected by any malware were targeted by this threat), Germany (6.04%), Russia (5.5%) and India (4.87%).

 

  • Gozi was found to be targeting 36 brands, including 19 consumer apparel and three consumer electronics brands; with most of those affected in Italy (19.57% of users affected by any of malware), Russia (13.89%), Brazil (11.96%) and France (5.91%).

 

  • Over three million sets of e-commerce credentials were found up for sale on a marketplace easily accessible through the Google search engine. The highest prices are charged for what appear to be hacked merchant accounts.

 

“Credential-stealing banking malware is nothing new. However, the existence of families hunting for data related to online shopping accounts is perhaps more unexpected. If your computer is infected with one of the listed Trojans, then criminals are able to steal payment card details while you enter them on the shop’s website. After that, it is easy for a hacker to get to your money through a compromised credit card,” said Yury Namestnikov, Principal Security Researcher, Global Research and Analysis Team, Kaspersky Lab.

 

“Cybercriminals could also use the stolen accounts in money laundering schemes: buying things from a website using victims’ credentials so they look like known customers and don’t trigger any anti-fraud measures, and then selling those items on again. As we come into the busiest online shopping season of the year, we urge consumers and retailers to be extra vigilant about their security, and to check and double check the integrity of websites before entering or downloading any data,” added Namestnikov.

 

Kaspersky Lab recommends the following steps to stay safe when shopping online:

 

If you are a consumer

 

  • A powerful, updated security solution is a must for all devices you use to shop online. Avoid buying anything online from websites that look potentially dangerous or which resemble an incomplete version of a trusted brand’s website.

 

  • Don’t click on unknown links in email or social media messages, even from people you know, unless you were expecting the message.

 

If you are an online brand or trader

 

  • Use a tailored security solution to protect your business and customers.

 

  • Pay attention to the personal information used by customers to buy from you. Use a fraud prevention solution that you can adjust to your company profile and the profile of your customers.

 

  • Think about how much money you wish to keep in an online payment transaction account at any one time. The greater the balance, the higher the value of that account to hackers.

 

  • Restrict the number of attempted transactions and always use two-factor authentication (Verified by Visa, MasterCard Secure Code and etc.).

 

The research is based on data obtained with user consent and processed using the Kaspersky Security Network (KSN). All malware belonging to the banking Trojans covered in the report are detected and blocked by Kaspersky Lab security solutions.

 

Further information on the research and a copy of the report, Buyer beware: cyber-threats targeting e-commerce, 2018, can be found on Securelist.

 


RECOMMENDED ARTICLE FOR TECHWORLD


 
Apacer Awarded Again by 26th Taiwan Excellence. Outstanding Innovative R&D Strength is Recognized
Techworld Date Posted: 24 October 2017 10:32 AM | 264 Views
Digital storage leader Apacer Technology Inc. has done it again! The company just celebrated its 20th anniversary, and is currently awarded for the 9th consecutive win with the 26th Taiwan Excellence.. See More
 
Apacer Awarded Again by 26th Taiwan Excellence. Outstanding Innovative R&D Strength is Recognized
Techworld Date Posted: 10:32 AM | 264 Views
Digital storage leader Apacer Technology Inc. has done it again! The company just celebrated its 20th anniversary, and is currently awarded for the 9th consecutive win with the 26th Taiwan Excellence.See More

 
Victims of Malicious Crypto Miners Increase by 44% as 2.7 Million Internet Users Are Targeted in a Year
Techworld Date Posted: 10 July 2018 10:02 AM | 481 Views
The number of internet users that have been attacked by malicious crypto currency mining software has increased from 1.9 million to 2.7 million in just one year. Statistics for the last 24 months show.... See More
 
Victims of Malicious Crypto Miners Increase by 44% as 2.7 Million Internet Users Are Targeted in a Year
Techworld Date Posted: 10:02 AM | 481 Views
The number of internet users that have been attacked by malicious crypto currency mining software has increased from 1.9 million to 2.7 million in just one year. Statistics for the last 24 months show...See More

 
Is Anxious the New Normal? Majority of Generation Z Admit to Feeling Anxious about Something in Their Daily Lives and Often Don’t Seek Advice to Help Them Cope with It
Techworld Date Posted: 15 January 2019 3:07 PM | 108 Views
A new Kaspersky Lab report has shown that Generation Z is the most anxious to date, with the vast majority of young people admitting they are worried about something in their lives, and the.... See More
 
Is Anxious the New Normal? Majority of Generation Z Admit to Feeling Anxious about Something in Their Daily Lives and Often Don’t Seek Advice to Help Them Cope with It
Techworld Date Posted: 3:07 PM | 108 Views
A new Kaspersky Lab report has shown that Generation Z is the most anxious to date, with the vast majority of young people admitting they are worried about something in their lives, and the...See More

 
Synology® Announces DiskStation DS1618+
Techworld Date Posted: 21 May 2018 4:45 PM | 447 Views
Synology® Inc. today launched DiskStation DS1618+, a 6-bay NAS featuring the Intel Atom® C3538. For tech enthusiasts and small to medium sized businesses, DS1618+ is the perfect all-in-one solution for file serving, application hosting,.... See More
 
Synology® Announces DiskStation DS1618+
Techworld Date Posted: 4:45 PM | 447 Views
Synology® Inc. today launched DiskStation DS1618+, a 6-bay NAS featuring the Intel Atom® C3538. For tech enthusiasts and small to medium sized businesses, DS1618+ is the perfect all-in-one solution for file serving, application hosting,...See More

 
Jubilate as the Philippine Robotics Team Is Now on the World Stage
Techworld Date Posted: 25 November 2017 5:04 PM | 268 Views
The country’s young geniuses who are part of the Philippine Robotics Team once again proved their world-class brilliance. See More
 
Jubilate as the Philippine Robotics Team Is Now on the World Stage
Techworld Date Posted: 5:04 PM | 268 Views
The country’s young geniuses who are part of the Philippine Robotics Team once again proved their world-class brillianceSee More

 
No Room for Cyber-Complacency: a Quarter of DDoS Attacks Claim Unintended Victims
Techworld Date Posted: 2 April 2018 3:52 PM | 677 Views
Over a quarter of businesses that have been hit by a Distributed Denial of Service (DDoS) attack don’t think they were the intended target, highlighting that businesses can’t afford to be complacent when it.... See More
 
No Room for Cyber-Complacency: a Quarter of DDoS Attacks Claim Unintended Victims
Techworld Date Posted: 3:52 PM | 677 Views
Over a quarter of businesses that have been hit by a Distributed Denial of Service (DDoS) attack don’t think they were the intended target, highlighting that businesses can’t afford to be complacent when it...See More

 
D-Link’s Enhanced Wi-Fi Gigabit Routers, Security Cameras Deliver Improved Connectivity, Security
Techworld Date Posted: 20 March 2018 5:05 PM | 595 Views
Manila, Philippines – D-Link, one of the world’s biggest suppliers of home networking products, matches the growing demand for high-speed connectivity and improved home security with enhanced Wi-Fi gigabit routers and security cameras.. See More
 
D-Link’s Enhanced Wi-Fi Gigabit Routers, Security Cameras Deliver Improved Connectivity, Security
Techworld Date Posted: 5:05 PM | 595 Views
Manila, Philippines – D-Link, one of the world’s biggest suppliers of home networking products, matches the growing demand for high-speed connectivity and improved home security with enhanced Wi-Fi gigabit routers and security cameras.See More

 
Millennial Idols Mayward Share How You Can Use Your FREE 10GB from PLDT Home Prepaid Wifi Wisely
Techworld Date Posted: 2 April 2019 3:51 PM | 46 Views
Fast-rising celebrities Maymay Entrata and Edward Barber a.k.a. MayWard are back with a new video for PLDT Home Prepaid WiFi’s Techie Hacks series. . See More
 
Millennial Idols Mayward Share How You Can Use Your FREE 10GB from PLDT Home Prepaid Wifi Wisely
Techworld Date Posted: 3:51 PM | 46 Views
Fast-rising celebrities Maymay Entrata and Edward Barber a.k.a. MayWard are back with a new video for PLDT Home Prepaid WiFi’s Techie Hacks series. See More

 
Akamai Study Evaluates OTT Consumption Trends across APAC
Techworld Date Posted: 16 December 2017 4:30 PM | 282 Views
Akamai Technologies, Inc. (NASDAQ: AKAM), the world’s largest and most trusted cloud delivery platform, unveiled a study highlighting OTT (Over-the-top) video content consumption trends across six countries.. See More
 
Akamai Study Evaluates OTT Consumption Trends across APAC
Techworld Date Posted: 4:30 PM | 282 Views
Akamai Technologies, Inc. (NASDAQ: AKAM), the world’s largest and most trusted cloud delivery platform, unveiled a study highlighting OTT (Over-the-top) video content consumption trends across six countries.See More

 
Why is there a need for surveillance solutions? Synology has the answers.
Techworld Date Posted: 9 January 2019 4:57 PM | 140 Views
Video surveillance solutions are safety tools that help reduce crime and protect people and properties. Synology, as a network attached storage (NAS) vendor, provides reliable video management system through their Surveillance Station. See More
 
Why is there a need for surveillance solutions? Synology has the answers.
Techworld Date Posted: 4:57 PM | 140 Views
Video surveillance solutions are safety tools that help reduce crime and protect people and properties. Synology, as a network attached storage (NAS) vendor, provides reliable video management system through their Surveillance StationSee More


Power by

Download Free AZ | Free Wordpress Themes