Banks are well aware that criminals will use any trick they can to get control of your money. To stay ahead in the cat-and-mouse game, financial institutions use one-time passwords and verification codes that render most conventional phishing attacks useless. Thus online criminals have had to innovate quickly.
Man-in-the-middle attack allow the attacker to intercept messages between you and your bank. The criminal then sends its own messages to both parties. Just this week, F-Secure Labs has observed multiple man-in-the-middle attacks against at least two Finnish Banks. Other new man-in-the-middle attacks utilize the computing power of our smartphones to trick us out of account information.
Here’s what you should know to keep the thieves out of your digital piggy bank.
1. Never click on links from bank e-mails.
When you’re busy, it’s easy to make a mistake and click on a bad link, especially on our phones. Sean Sullivan from F-Secure Labs says the best strategy is to, “Go to the bank via a browser bookmark.”
2. Know that criminals are targeting your smartphone.
F-Secure Labs has followed Spitmo, a man-in-the-middle attack that targets phones, since spring. And now an Android version has been spotted. This attack pretends to install application that protects the phone’s SMS messages. If you receive an SMS that asks you to install such software on your phone, take the time to contact your bank directly.
3. Keep your system and security software updated.
The registered owner of the site being used for this week’s Finnish bank attack owns more than 90 sites. So as one attack goes down, another one might go up. It’s important to have browsing protection that could prevent you from visiting a site hosting a known attack. And it’s even more important to make your PC is patched and protected. Our free Health Check makes that easy.
Bank robber Willie Sutton never actually said that he robs banks because “That’s where the money is.” But if he lived today, he might have tweeted it.
Criminals will never stop scheming of ways to get into your bank account. By staying aware of their latest tricks, you’ll do your best to keep your money where it belongs.
On a recent episode of F-Secure's Cyber Security Sauna podcast, F-Secure’s Tomi Tuominen told host…
May 16, 2018
Sharing documents scripts and macros over email is a habit you want to break, says…
May 8, 2018