Security Awareness Tip: Plugins

Every plugin or add-on you install in your browser can expose you to more danger. Only install the plugins you need and make sure they are always current. If you no longer need a plugin, disable or remove it from your browser via your browser's plugin preferences.

 

71% of the confirmed data breaches from 2016 within the Financial and Insurance Services vertical were the theft of credentials, often associated with banking Trojans exploiting software weaknesses and then stealing and reusing customer passwords.

 

A common event chain is:

1. A person visits a compromised web site or is sent an email with a link to a malicious site.

2. Malware exploits a weakness in browser software, installs on the victim's computer or mobile device, and identifies when they are accessing a banking site.

3. 3a. Keyloggers capture user credentials to be reused fraudulently. Or,

   3b. The user's web request is redirected to a fake site where credentials are entered and captured.

4. The threat actor submits the legitimate credentials to the application, acting as the customer, potentially triggering an SMS second-factor authorization code.

5. The second factor is presented to the fake website and step 4 is repeated.

6. Account balances get smaller.



Below is an illustration of the Dyre banking Trojan at work to exploit vulnerable browsers:


[Illustration: the Dyre banking Trojan exploiting vulnerable browsers]



