Hackers Targeting Your Online Bank Account

By:  |  Category: Blog, Security Thursday, April 19th, 2018  |  No Comments

According to a new report, banking and finance are the most highly targeted sites for hackers.

The worst vulnerabilities were found in banking and finance web applications tested by Positive Technologies, a firm that provides Internet security products for businesses.“Greater complexity results in more opportunities” for hackers, said the firm, which said banking applications are some of the most complex.

The hackers primary target is the average user. “The number-one threat is attacks that target web application users,” the report said. A surprising 87 percent of banking web applications tested by Positive Technologies were susceptible to these attacks.

Government app users are also big targets because they tend to be less security-savvy, making them easy victims, the said.

“We gained access to personal data of 20 percent of the applications that process user information, including bank and government websites,” the report added.

The most common vulnerability was Cross-Site Scripting, which allows attackers to perform phishing attacks, which can result in malware infection. In a phishing attack, the hacker sends, for instance, an email pretending to be a trusted entity like a bank or major shopping site, hoping to dupe you into clicking on the malicious link.

Denial of service (DOS) attacks – which block access to a web site or service – are common. In 75 percent of e-commerce web applications, there are vulnerabilities enabling DoS attacks, Positive Technologies said.

“Denial of service is especially threatening…High-profile e-commerce web applications receive large amounts of daily visits, increasing the motivation for attackers to find vulnerabilities to turn against users,” the report said.

Employees are the Weakest Links
In separate report released earlier this month, Positive Technologies said employees are often the gateway for attacks.

An alarmingly high percentage of employees download malicious files, click phishing links, and even correspond with hackers, the report said.

Positive Technologies testers pretended to be hackers by sending emails to employees with links to websites or forms that required password entry, the report said. Of the 3,332 messages sent, 17 percent of these messages would have led to a compromise of the employee’s computer, and possibly, the entire company.
The most effective method was to send an email with a phishing link. In that case, 27 percent of recipients clicked on the link. “Users often glance over or ignore the address, leaving them unaware that they are visiting a fake website,” the report said.

If you need help with cybersecurity training for your business give EnhancedTECH a call at 714-970-9330 or contact us at sales@enhancedtech.com.

Samantha Keller

Samantha Keller

Director of Marketing and PR at EnhancedTECH
Samantha Keller (AKA Sam) is a published author, tech-blogger, event-planner and mother of three fabulous humans. Samantha has worked in the IT field for the last fifteen years, intertwining a freelance writing career along with technology sales, events and marketing. She began working for EnhancedTECH ten years ago after earning her Bachelor’s degree from UCLA and attending Fuller Seminary. She is a lover of kickboxing, extra-strong coffee, and Wolfpack football.Her regular blog columns feature upcoming tech trends, cybersecurity tips, and practical solutions geared towards enhancing your business through technology.
Samantha Keller

Latest posts by Samantha Keller (see all)

Leave a Comment
Read previous post:
Innovation Platform
Build an Innovation Platform for your Business

How to help your business think differently From the iPhone to the pet rock, the most lucrative business ideas tend...

Close