May 26, 2020

Kaspersky finds compromised popular mobile apps in official app stores

Three adware-carrying apps found in last three months

Woburn, MA – May 22, 2020 — According to analysis identified by Kaspersky Fraud Prevention, last year, two percent of transactions in e-banking and online retail were carried out by fraudsters, and 16% of transactions were suspicious and required further investigation. The most common malicious activity found was the use of malware or remote access tools. Specific to e-commerce, fraudsters often leveraged tools that automatically perform programmed actions.

Digital financial services and e-commerce simplify people's lives, allowing them to order goods or manage their finances wherever it is convenient for them. Moreover, with the ongoing coronavirus lockdown measures in place, the importance of online services has grown even more. With many people heavily relying on these services, the Kaspersky Fraud Prevention report has revealed why it is so important to protect these types of businesses from fraudsters.

According to anonymized statistics of events detected by Kaspersky’s anti-fraud solution from January to December 2019, the most common case of fraud (63%) was attempts to access personal accounts using malware or legitimate remote control software. These tools, such as AnyDesk, TeamViewer, AirDroid and AhMyth, are intended for remote working and troubleshooting. Cybercriminals can impersonate someone from a banking service’s support team and ask the intended victim to install of the aforementioned applications. That way, they obtain access to victims’ devices, allowing them to reveal the user’s pin, one-time password, withdraw money or even submit loan applications.

Misuse of remote control software is followed by occasions when fraudsters takeover their victim’s account, or incidents when attackers use a legitimate user’s compromised credentials to steal money or loyalty program bonuses. This was used in 34% of detected incidents.

Fraud not only affects the financial sector, but online retail as well. As for the specific schemes in e-commerce, 44% of all cases involved the creation of fake accounts. By signing up for multiple registrations in retail loyalty programs, criminals receive welcome bonus points which they go on to sell at a discount. As creating a large number of accounts manually is a time consuming endeavor, fraudsters often use bots or special tools programmed to perform the required actions automatically.

“It can be difficult to detect fraudsters as they often use legitimate tools and are good at mimicking genuine user behavior,” said Claire Hatcher, head of business development for Kaspersky Fraud Prevention. “For example, remote access tools are not always malicious, so they will not be detected by an anti-virus solution. There is also nothing wrong with registering a new account in a loyalty program, however, it is suspicious when a large number of users come from a single IP address or have similar mouse tracings. That is why we continually examine how fraudulent schemes are evolving in order to optimize our solution.”

To stay protected from ever-changing fraud techniques, Kaspersky recommends financial services and retailers adopt the following measures:

  • Limit the number of attempts to conduct a transaction. Cybercriminals may try several times to enter correct credentials or card numbers.
  • Educate your customers on possible tricks malefactors may use. Regularly send them information on how to identify fraud and behave in this situation.
  • Conduct annual security audits and penetration tests to find security issues in a company’s network.
  • Have a dedicated fraud analysis team capable of finding and analyzing the emerging methods fraudsters are using.
  • Implement multi-factor authentication to minimize chances of accounts being taken over.
  • Install a fraud prevention solution that can be quickly adapted for identifying new attack schemes and methods.

To learn more about the main fraud vectors companies face, please refer to the Kaspersky Fraud Prevention report.

About Kaspersky

Kaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at usa.kaspersky.com.

Media Contact:
Cassandra Faro
Cassandra.Faro@Kaspersky.com
781-503-1812