New Delhi: India ranks third among countries with high number of financial Trojan infections, where cyber-criminals defraud customers of online banking services, security solutions firm Symantec said on Tueday.
India has moved up from 5th position in 2014 to rank 3 in 2015, although global detections have dropped, Symantec said in a report.
“Although global detections dropped, financial Trojans are becoming far more capable and criminals are increasingly targeting institutions directly… India was preceded by the US and Germany,” the report added.
The report said India has consistently moved up the rankings for countries with the most number of financial Trojan infections over the last three years (No 7 in 2013; No 5 in 2014; and No 3 in 2015).
Using financial Trojans to defraud customers of online banking services is still a popular method among cybercriminals looking to make a profit, it added.
“For our research, we extracted configuration files from 656 active malware samples. Within those files, we found 2,048 URL patterns that show that the Trojans are targeting customers of 547 organisations in 49 countries,” it said.
The total number of financial Trojan detections continued to decrease in 2015, with a 73 per cent drop compared to the previous year, Symantec added.
“All types of financial institutions are targeted, from small local branches to big global players… Over 60,000 computers in India were compromised with financial Trojans in 2015,” it said.
Globally, the financial sector was the highest targeted sector in January with 40.2 per cent of all spear-phishing attacks, it added.
The report said the primary distribution vector for financial fraud malware is through malicious spam email attachments.
Symantec said users should exercise caution when receiving unsolicited, unexpected, or suspicious emails or phone calls.
“Keep security software and operating systems up to date.
Also, enable advanced account security features, such as 2-factor authentication and use strong passwords for all accounts,” it said.
Users should monitor bank statements regularly for suspicious activity and notify financial institution of any strange behaviour while using their service