Internet security solutions firm McAfee has asked customers to use
only the official App (application) offered by their respective banks when they carry out financial transactions online.
The
company, in its threat report for the second quarter, found that cyber
fraudsters are attempting to bypass the two-factor authentication set by
these banks.
“Once
the attacker has stolen a username and password from a victim’s PC, the
thief needs only to get the user to install SMS-forwarding malware,”
the company said.
When they don’t, they will be duped.
“While
the victims think they have the original app installed, the attacker
logs in to the users’ accounts to get the latest SMS from the bank,” it
said. Banks in Europe and Asia require two-factor
authentications via SMS messages. When customers log in to their bank
accounts online, they are sent a mobile transaction authentication
number (mTAN) as a text message.
They must then enter the mTAN code to get access to their accounts.
This step prevents an attacker, who steals only the username and password, from making off with the victim’s money.
The
total number of suspect URLs tallied by McAfee Labs crossed 74.7
million by the end of June. This represents a 16 per cent increase over
the first quarter. These URLs refer to 29 million domain names, up by 5
per cent from the previous period.
No comments:
Post a Comment