While the world adapts to a new way of living amid the COVID-19 pandemic, cybercriminals have accelerated phishing attacks and significantly increased spoofed websites. Unfortunately, they’ve dedicated much of their efforts to financial service providers, hoping that perhaps they’ve let their guard down during this unprecedented time.
Here are some specific threats to be aware of now, along with actionable tips you can use to safeguard beyond enterprise firewalls.
Increased phishing attacks
Phishing attacks jumped by 667% in the month of March 2020 alone according to InfoSecurity magazine. Email remains the predominant channel for phishing attacks, but social media attempts are increasing as of late. Amid the global pandemic, “Emotet” has become the primary malware being distributed via phishing attacks. It is especially dangerous because it evades detection from anti-malware products. Additionally, it has worm-like capabilities that help it spread to other connected computers; the malware can morph itself every time it moves to a new system. Because of this, standard malware detection practices may not suffice.
Banks must apply a prevention strategy to detect “Emotet” before it can become a problem. Focus on phishing prevention by deploying cyber-tools that screen and monitor activity outside of firewalls.
To improve on cybersecurity posture against the enterprise, harden email practices to strictly regulate the information coming into the system and educate staff so they understand how important they are as a first line of defense. Due to the rise of social media-driven phishing attacks, customers also need constant communication and awareness about the harm clicking on fake social media communication disguised as authentic promotional offers or servicing announcements can cause. If a customer were to click on a fake social media advertisement that contains malicious malware, for example, it could eventually deploy a keystroke copier. As a result, the customer’s online banking and other private credentials could be compromised, and account takeover could occur.
In the last few weeks, phishing campaigns have used fake domains designed to look like those owned by the U.S. Centers for Disease Control and Prevention (CDC) and the World Health Organization (WHO); they are sent via phishing emails that appear to come from the CDC. As more businesses seek financial assistance from the government, the U.S. Small Business Administration has also seen a rise in these types of attacks.
Protect your financial institution now
Here are some ways to keep your bank safe from cyber -attacks:
- Make awareness a top five action item. Tell your customers, employees and vendors what your trusted sources look like, and how they function. Outline exactly what official communications look like, the type of information you will never ask for, and the baseline expectations for interactions. Advertise what your trusted sources are so that users can spot a fake.
- Educate your users to be on guard. Tell users exactly how to spot phishing attempts. The common malware Emotet, for example, often presents as emails that look like unexpected replies to older email threads.
- Revisit privileged access policies. Confirm that your organization has enforced the principles of least privilege. Apply enterprise software access on a case-by case basis, so employees have access only to the tools they need to do their job.
- Confirm your lists are current. Keep up to date on blacklists of malicious IPs and compromised websites.
Invest in tools that are smarter than criminals
Internal and external monitoring is becoming industry best practice, and there are solutions that continuously check and alert against your verified trusted sources. FIS Digital Risk Protection (DRP) continually monitors predefined entities across data sources and ensures you receive timely alerts that go beyond the firewalls, VPN, and endpoint detection. Since its Q4 2019 market launch, FIS DRP teams have achieved a 95% takedown acceptance rate.