Conclusion

Banking trojans—malware designed to attack the customers of financial institutions and engage in fraudulent activity when they log into a target bank—are just as effective now as they were a decade ago. One reason is because malware authors are good at evading detection, and many organizations have yet to implement web fraud prevention systems that can detect infected customers. Because of this, and the fraud opportunity for attackers beyond traditional banking targets, malware authors have been targeting other industries including retail, CRMs, email providers, and cryptocurrency exchanges and social media for years now.

Fraudulent transactions that occur as a result of a malware-infected client are burdensome on businesses, both from monetary loss and operation expense. If you operate a public facing web application that customers log into and engage in some sort of financial transaction, access data valuable for attackers to resell, or gain access to an account that could get an attacker many accounts (like email), you and your customers will eventually be targeted. It is very important for businesses who fit these profiles to look into web fraud detection solutions, and also provide security awareness training (with a focus on phishing, because that’s how most client malware is installed) to their employees and clients to help them avoid inadvertently installing malware. For more details on how to combat phishing attacks that lead to fraud, see F5 Labs’ 2018 Phishing and Fraud Report.