Digital payments rise parallel with banking Trojans

Banking Trojans is a dangerous threat because they steal money from victims’ bank accounts via their credentials or one-time passwords

by AZALEA AZUAR / pic credit: kaspersky.com

KAPERSKY Global Research and Analysis Team for Asia-Pacific (APAC) director Vitaly Kamluk said there has been an increase of banking Trojans in the region while cashless payments are on the rise.

“Even before Covid-19, APAC has always been one of the leaders in digital payment adoption, driven by developed countries like China, Japan, South Korea and even India.

“This pandemic extended the use of this technology significantly further — particularly in still emerging economies in South-East Asia and South Asia,” he said.

The lockdown restrictions have forced people to shift their financial transactions online.

“After analysing the historical figures we have on financial threats, I also learned that there was another outbreak that started in early 2019 in APAC — banking Trojans,” said Kamluk.

Banking Trojans is known to be a dangerous threat because they steal money from bank accounts by obtaining access to its victims’ credentials or one-time passwords to online bank accounts.

This malware can also manipulate the users and hijack control for the live online banking session from the legitimate owner.

The increase of online payment and the lack of awareness in cyber security has contributed to the effectiveness of banking Trojans while developing countries have become their target since 2019.

The Philippines is the highest in the region for banking Trojan threats (22.26%) followed by Bangladesh (12.91%), Cambodia (7.16%), Vietnam (7.04%) and Afghanistan (7.02%).

“Banking Trojans was not the biggest concern of many countries in APAC until 2019 when an outbreak of infections appeared in multiple countries at once.

“From then on, there was no looking back. Our telemetry shows that this malicious threat has grown in terms of detections and reach,” said Kamluk.

Kapersky observed that they would continue to pose a significant threat to both financial organisations and individuals as we continue to see more users and start-ups dipping their feet into the digital payments field.

Based on their analysis of almost 300 publicly reported financial sector cyber incidents since 2007, the types of financial threat actors are non-state actors (cyber criminals), state-sponsored organised skilled hackers, insiders, multiple actors and unknown attackers.

Kamluk warned that the numbers of unknown attackers are growing over time and this is alarming.

Kapersky’s report also showed that the APAC region is the largest contributor to global payments revenue, with analysts expecting the sector to exceed US$1 trillion (RM4.15 trillion) revenue by 2022 or 2023.

Industry players are also expanding aggressively into multiple markets with creative marketing solutions in the hope that every single click would represent a small but significant step towards market domination.

The Philippines is the highest in the APAC region for adopting cashless payments (37%), followed by India (23%), Australia (15%), Vietnam (14%), Indonesia (13%) and Thailand (13%). The lowest number of first-time online payment users are China (5%), South Korea (9%) and Malaysia (9%).

According to Kapersky APAC MD Chris Connell, cash is still mainly preferred as 70% of the respondents still use physical notes for their day-to-day transactions.

“However, mobile payment and mobile banking applications are not far behind with 58% and 52% users utilising these platforms at least once a week up to more than once a day for their finance-related tasks.

“From these solid statistics, we can infer that the pandemic has triggered more people to dip their toes into the digital economy, which may fully dethrone cash use here in the next three to five years,” he said during Kapersky’s Cybersecurity Weekend 2021.