One week from tomorrow, many in the US will be recovering from Thanksgiving, the annual holiday that celebrates gratitude and eating. They’ll also be firing up their computers to scour the internet for major deals offered on Black Friday, the kickoff of the Christmas shopping season. And of course, following right after that will be Cyber Monday. CISOs at e-commerce organizations will have their hands full. As cybercriminals have grown increasingly business savvy, it’s no surprise that they are poised to take advantage of the seasonal opportunities.
Banking trojans, which are a perennial favorite for hackers, are used to steal sensitive data from financial accounts and online payment systems. During the summer, researchers from Check Point saw a 50 percent spike in the global impact of banking trojans. Now, according to Threatpost, at least 14 banking trojan malware families have their sights set on e-commerce brands that will be attracting flocks of holiday shoppers.
Nearly 70 websites are being actively targeted. About half the sites represent clothing, footwear, gifts, toys, jewelry, and department stores. Additional targets include electronics sites, entertainment and gaming sites, telecom sites, online payment sites, and online retail platforms, says Threatpost.
Chief among the lineup of malware families is Betabot, which can intercept and capture data entered on websites and even redirect users to phishing sites. For businesses that don’t have proper security measures in place, this can mean theft of customers’ personally identifiable information (PII), login credentials, and bank account information.
To secure against banking trojans and other types of threats, the cardinal rule for businesses is a multi-layered cybersecurity strategy. Given that threat actors are coming from all angles, the more layers of defense implemented, the harder it becomes for the attackers to succeed.
Get the full story at Threatpost.