The advancement of threats to your brand are casting a wider net of places where damage can take place. In 2015 these avenues were generally via malicious MS Office email attachments with macros that were embedded with malware designed to download Trojan banking information. Also included was the targeting of users who visited sites with ad streams that were infected, also known as malvertising as well as Ransomware.
Ransomware's motive is pretty clear. So too are the banking Trojans. The goal is pretty obvious; to steal money via the targeting of user interactions with internet-based banking sites, targeting bank customers in Europe, South America (Brazil primarily) and North America. This year I suspect we will see these attacks moving from not only using Trojans to target financial institutions but all companies who deal with distribution and shipping. These attacks will indeed not only target a more vast array of targets but also more countries. This is primarily done via the utilization of expanding distribution avenues, countries targeted, reaching more victims, platforms and focusing on stealing data from a greater number of industry verticals.
Living in an Online World
Let's face it. We pretty much live online, in a world where infections due to malware are ever increasing. Most experts would agree that this comes with the doing business online territory. It seems like an almost constant occurrence, with news headline's reporting attacks that damage popular brands. This leads to a breakdown in customer confidence and a lessening of a brand's reputation. This lack of confidence by consumers leads them to look to the brands to fix the problems, and allow them to shop with confidence by securing their transactions.
Brand are having a difficult time keeping up with all the malware out there, that before they can educate consumers on the latest threats, another one is looming over their heads and those of their customers. The big questions is, will it ever get to the point of truly being sorted out? Scammers are becoming so skilled in the psychology of consumers and the understanding of human nature and when a consumer will fall for something that social lures are nabbing consumers at a dizzying rate.
Lets' take a look at the main types of malware out there:
Ransomware – Probably the type of malware that is the most popular, Ransomware is malicious software designed to hijack a system or network and encrypts all the data until the user pays a ransom.
Trojans – Mostly used in the banking industry, it is also known as Crimeware, and is software of a malicious nature, which targets consumers and is designed to steal their login credentials for the goal of credit card and/or banking fraud.
Spyware – Without the knowledge of the users, this allows scammers to steal data via logging your key presses and/or print capture
Out of the above 3, Ransomware is the one that has been increasing in popularity. A particular type of Ransomware that goes by the name “Cryptoware” in 2015 had stolen 18 million dollars in assets, as reported by the FBI.
For a company, this type of Malware might present the biggest threat, as the scammer takes control of the network until the company pays the ransom. This may escalate to a full blown data breach which may result in a host of cyber crimes such as invoice fraud, identity theft and other malicious activities that will take advantage and use the data harvested. The biggest impact here is a loss of consumer confidence and trust, something extremely hard to regain.
Taking Action to Prevent
You may ask, how can you protect your company, or brand from suffering attacks malicious in nature? The primary tactic to use here is education. Educating your customers, your employees about the social tactics which are being used and the most common way these scammers fool people.
Furthermore, you need to take all the necessary precautions such as installing the latest anti-virus software, making sure it is updated on a regular basis, turning on your email filtering and making sure you back up regularly.