Well, if there is one thing we like, it’s consistency. Data collected by Kaspersky Lab has found some of that in a recent report. And what is that news? Though not exactly good news, corporate users are still targeted in roughly 25% of banking Trojan attacks, which has been reasonably the same figure for the past three years. Of course, there is more in this report that collected data from nearly 900,000 of Kaspersky Lab’s solutions during 2018.
Other information found is that banking Trojans are still among the most popular attack vectors and getting banking credentials from corporate users can yield a much higher payoff than “merely” from consumers.
Often, malware of all flavors gets into networks through phishing. And while phishing in email is not the only way these attacks happen (by phone and SMS/text also occurs), it is still the most common. So always know with as much certainty as possible that what you’re clicking or opening is safe. If you don’t know the sender or are not expecting to receive an attachment or link, question it. Contact the sender in a separate email using an address you already know. You can also do things using one of the old fashioned methods of picking up the telephone and calling or walking to the sender’s desk. Yes, it’s crazy! It’s also extremely effective in preventing business email compromise (BEC) and malware attacks.
Other data Kaspersky collected includes some good news. Financial phishing actually declined from 53.8% to 44.7%. Though it still did account for nearly 50% of the detections overall. Mac users made the list too. While MacOS is not targeted by malware as often, the numbers of financial phishing increased a bit to 57.6%.
Android users are not off the hook. Those users were targets of banking malware three times more than the previous year.
Always be sure to care for mobile devices too. Most companies allow some amount of connectivity with personal devices, so when you connect at the office, you’re introducing risk to the entire organization. Always keep anti-virus software loaded on all devices you move around and keep your apps and programs updated as well. This will help lower the chances that anything undesirable ends up worming its way through the corporate network.