Australian police forces have informed the public that cyber-crooks focus on newer targets to drain funds – online payment systems. We are talking about pension funds, salaries as well as invoice payments. The amount of money in such attacks has not yet reached numbers in the millions, but reports indicated that it’s in the hundreds of thousands of dollars.
The team leader of operations related with cyber-crime working with the Australian Federal Police Scott Mellis has reported that the banks have strengthened their security significantly the last couple of years. This has resulted in cyber-criminals seeking new targets for their financial attacks. The most often targeted locations are reported to be online services such as:
- Invoice payments.
- Pension funds.
- Online salary services.
Not only this but cyber-criminals are also oriented towards attacking other institutions and businesses such as:
- Private and governmental hospital networks.
- Small or medium businesses like stores, etc.
- PoS machines in different locations.
And what is more, the hackers do not mess around when it comes to using their tools. One of the most notorious malware detected in connection to such attacks are:
- Hospital ransomware variants.(CryptoWall, Locky, etc.)
- PoS malware, such as BackOffPoS, PowerSniff file-less malware, BlackPoS and FrameworkPoS.
- ATM backdoor malware.
Furthermore, Mellis reports that for cyber-robbers to transfer the stolen money without revealing their identities, they meet certain challenges. This is why they have come up with a unique method – to use money mules who utilize stolen identities by unsuspecting citizens. These very money mules are reported to be usually people that are living alone and are older in age, like retired old folks. The cyber-criminals may either collect their personal information via other malware on their home computers or use the social engineering technique to pretend to be someone else like a delivery guy or a postman, for example.
How to Be Protected in The Future
Any decent security expert would you that no security system is 100 percent criminal-proof. This is why, for organizations, it is important not to underestimate cyber-security and invest more in anti-malware mechanisms and software. Furthermore, it is crucial to pay attention to educating the employees of an organization to follow certain security tips and make them a habit, for example not to insert randomly discovered flash drives in the parking lot, etc. Regarding the casual user, we strongly advise avoiding entering your personal information online or giving it away to strangers.