20 percent of phishing attacks target BFSI

by Sharon Lobo    Jun 27, 2013

PhishingSuccessful attacks on search pages, social networks or email can only yield cyber criminals with individual’s personal data. To mint money from this cybercriminals would have to find buyers for this booty.  So it’s no surprise that BFSI sector continues to attract cybercriminals, since it leads to direct earnings for the scammers.

Phishing, for long has been the most favorite tool deployed by cybercriminals to scam unsuspecting netizens.  According to a Kaspersky Lab study, 20.64 percent of all phishing threats registered between May 2012 and April 2013 were aimed at accounts of banks and other financial organizations worldwide. This data, which was indirectly confirmed by the banks, has also revealed that 37 percent of all banks surveyed were affected by phishing attacks at least once over the previous 12 months.

In such a scenario does the BFSI sector believe their investments in IT security is truly effective, since financial cybercrime continues to rise? Wade Baker, Principal Architect, Verizon Risk Team, believes so as he explains (http://www.cxotoday.com/story/security-industry-is-challenged-by-lack-of-information/), “I actually think that some of that some of these spendings are in fact effective, because we were at least able to identify more of that kind of activity than couple of years ago when this (trend) was largely misunderstood.”

Apart from investing in IT security infrastructure, the BFSI should be careful while choosing the right technology. For example, the technology should prevent execution of any potentially dangerous code in the browser, thus protecting the user against XSS attacks and prevent the malware from downloading automatically.

Finally, it is imperative that the heuristic mechanisms integrated in the technology is effective in detecting malicious links even if they are not included in the database.