SlideShare una empresa de Scribd logo

RSA Monthly Online Fraud Report - June 2013

E
EMC

The RSA Monthly Online Fraud Report offers the latest information on global phishing and malware trends.

TecnologíaEmpresariales
1 de 6
Descargar para leer sin conexión
F R A U D R E P O R T BUGAT TROJAN JOINS THE MOBILE REVOLUTION June 2013 RSA researchers analyzing Bugat Trojan attacks have recently learned that Bugat’s developers managed to develop and deploy mobile malware designed to hijack out-of-band authentication codes sent to bank customers via text messages. Bugat (aka: Cridex) was discovered and sampled in the wild as early as August 2010. This privately-owned crimeware’s earlier targets were business and corporate accounts, its operators attempting high-value transactions ($100K-$200K USD per day) in both automated and manual fraud schemes. It is very likely that Bugat’s operators started seeing a diminished ability to target high-value accounts due to added authentication challenges, forcing them to resort to developing a malware component that is already used by many mainstream banking Trojans in the wild. BITMO: A LITTLE LATE IN THE GAME? In somewhat tardy fashion, Bugat joins the lineup of banking malware that makes use of SMS capturing mobiles apps. The first occurrences of such malware were observed in use by Zeus and SpyEye Trojan variants, which were respectively dubbed ZitMo and SPitMo (Zeus-in-the-Mobile, SpyEye-in-the-Mobile). In mid-2012, RSA coined the name CitMo to denote the Citadel breed of in-the-Mobile activity. The fourth Trojan for which malicious apps were discovered was Carberp in early 2013, and with this case, Bugat is the most recent banking Trojan to have its own SMS-forwarding app, now coined BitMo. WEB INJECTIONS PAVE THE ROAD Among other banking Trojan features, Bugat comes with a set of HTML injections for online banking fraud and possesses Man-in-the-Browser script functionality. This very feature is what allows it to interact with victims in real time and lead them to download
page 2 the BitMo mobile malware to their Android/BlackBerry/Symbian devices. iOs remains almost entirely exempt from this type of malware since the Apple policy limits app downloads from third party sites. Bugat’s operators are not doing anything novel. Much as observed in the case of Citadel- in-the-Mobile (which emerged in May 2012), the malware’s developers created classic web injections, albeit very visually-appealing, designed to show up on the client-side and communicate social engineering messages to the victim. When Bugat-infected online banking customers access their financial provider’s login page, the Trojan is triggered to dynamically pull a relevant set of injections from the remote server, displays them to the victim and leads them to the BitMo download under the guise of AES encryption being adopted by the bank. The malware requests application permissions linked with the SMS relay, while the next injection on the PC side requests that the victim enter a code appearing on the mobile device – connecting the infected PC and the mobile handset. Once installed and deployed BitMo begins hijacking and concealing incoming text messages from the bank, disabling the phones’ audio alerts, and forwarding the relevant messages to its operators’ drop zones. Bugat’s entrance to the mobile space only demonstrates the increasing use of SMS-forwarders as part of Trojan-facilitated fraud. IN-THE-MOBILE MALWARE EVERYWHERE Although the injection set created by Bugat’s developers, as well as the distribution mechanism designed for delivering APKs/BlackBerry OS BitMo apps are indeed sophisticated, the actual malware apps are rather basic and show no innovation. That being said, it is very clear that all banking Trojans, both commercial and privately operated codes, are increasingly making use of SMS-forwarders in their criminal operation.
page 3 Phishing Attacks per Month RSA identified 36,966 phishing attacks launched worldwide in May, marking a 37% increase in attack volume. Trending data shows that a rise in phishing attacks typically occurs in Q2. Number of Brands Attacked In May, 351 brands were targeted in phishing attacks, marking a 13% increase. Two new entities suffered their first attack in May. 0 10000 20000 30000 40000 50000 60000 Source:RSAAnti-FraudCommandCenter 37878 51906 59406 49488 35440 33768 41834 29581 30151 27463 24347 26902 36966 May12 Jun12 Jul12 Aug12 Sep12 Oct12 Nov12 Dec12 Jan13 Feb13 Mar13 Apr13 May13 0 50 100 150 200 250 300 350 400 Source:RSAAnti-FraudCommandCenter 298 259 242 290 314 269 284 257 291 257 260 311 351 May12 Jun12 Jul12 Aug12 Sep12 Oct12 Nov12 Dec12 Jan13 Feb13 Mar13 Apr13 May13
page 4 Top Countries by Attack Volume The U.S. remained the country most targeted by phishing in May, absorbing 50% of the total phishing volume. The UK held steady, once again recording 11% of attack volume. South Africa, the Netherlands, Canada, Australia, and India accounted for about one-quarter of attack volume. UKGermanyChinaCanadaSouth KoreaAustraliaa United Kingdom 11% U.S. 50% India 4% South Africa 5% Canada 5% Australia 5% Netherlands 5% 50 Other Countries 15% US Bank Types Attacked U.S. nationwide banks maintained the highest volume of phishing in May while regional banks saw a 7% increase in phishing volume, from 12% to 19%. Since February, the attack volumes targeting regional banks and credit unions have fluctuated quite a bit. 0 20 40 60 80 100 Source:RSAAnti-FraudCommandCenter 20% 10% 11% 11% 9% 9% 12% 6% 15% 8% 17% 15% 8% 18% 12% 15% 15% 14% 14% 9% 15% 15% 23% 23% 12% 19% 62% 78% 74% 74% 77% 77% 79% 79% 70% 69% 60% 73% 73% May12 Jun12 Jul12 Aug12 Sep12 Oct12 Nov12 Dec12 Jan13 Feb13 Mar13 Apr13 May13
page 5 BIndiaNetherlandsCanadaItalyChinaS AfricaUS Top Countries by Attacked Brands U.S. brands remained the most targeted by phishing among worldwide brands, absorbing 30% of phishing volume in May. UK brands were targeted by one-tenth of phishing volume followed by India, China and Brazil. Top Hosting Countries The U.S. remained the top hosting country in May, hosting 47% of global phishing attacks. Germany was the second top hosting country with 8% of attacks hosted within the country, followed by the UK, the Netherlands, France, and Canada. U.S. 47% 61 Other Countries 30% Germany 8% Canada 3% France 3% Netherlands 4% United Kingdom 5% BraIndiaNetherlandsCanadaItalyChinaS AfricaUSa United Kingdom 9% 50 Other Countries 39% U.S. 30% Brazil 4% Canada 4% China 4% India 6% France 4%
www.emc.com/rsa CONTACT US To learn more about how RSA products, services, and solutions help solve your business and IT challenges contact your local representative or authorized reseller – or visit us at www.emc.com/rsa ©2013 EMC Corporation. EMC, RSA, the RSA logo, and FraudAction are trademarks or registered trademarks of EMC Corporation in the U.S. and/or other countries. All other trademarks mentioned are the property of their respective holders. JUN RPT 0613

Recomendados

The Current State of Cybercrime 2013
The Current State of Cybercrime 2013The Current State of Cybercrime 2013
The Current State of Cybercrime 2013EMC
 
BLURRING BOUNDARIES
BLURRING BOUNDARIESBLURRING BOUNDARIES
BLURRING BOUNDARIES- Mark - Fullbright
 
The Current State of Cybercrime 2014
The Current State of Cybercrime 2014The Current State of Cybercrime 2014
The Current State of Cybercrime 2014EMC
 
ISTR Internet Security Threat Report 2019
ISTR Internet Security Threat Report 2019ISTR Internet Security Threat Report 2019
ISTR Internet Security Threat Report 2019- Mark - Fullbright
 
2014 Cybercrime Roundup: The Year of the POS Breach
2014 Cybercrime Roundup: The Year of the POS Breach2014 Cybercrime Roundup: The Year of the POS Breach
2014 Cybercrime Roundup: The Year of the POS BreachEMC
 
IC3 2019 Internet Crime Report
IC3 2019 Internet Crime ReportIC3 2019 Internet Crime Report
IC3 2019 Internet Crime Report- Mark - Fullbright
 
Kaspersky lab financial_cyberthreats_in_2017
Kaspersky lab financial_cyberthreats_in_2017Kaspersky lab financial_cyberthreats_in_2017
Kaspersky lab financial_cyberthreats_in_2017malvvv
 
Grift horse money stealing trojan takes 10m android users for a ride
Grift horse money stealing trojan takes 10m android users for a rideGrift horse money stealing trojan takes 10m android users for a ride
Grift horse money stealing trojan takes 10m android users for a rideRoen Branham
 

Recomendados

The Current State of Cybercrime 2013
The Current State of Cybercrime 2013The Current State of Cybercrime 2013
The Current State of Cybercrime 2013EMC
 
BLURRING BOUNDARIES
BLURRING BOUNDARIESBLURRING BOUNDARIES
BLURRING BOUNDARIES- Mark - Fullbright
 
The Current State of Cybercrime 2014
The Current State of Cybercrime 2014The Current State of Cybercrime 2014
The Current State of Cybercrime 2014EMC
 
ISTR Internet Security Threat Report 2019
ISTR Internet Security Threat Report 2019ISTR Internet Security Threat Report 2019
ISTR Internet Security Threat Report 2019- Mark - Fullbright
 
2014 Cybercrime Roundup: The Year of the POS Breach
2014 Cybercrime Roundup: The Year of the POS Breach2014 Cybercrime Roundup: The Year of the POS Breach
2014 Cybercrime Roundup: The Year of the POS BreachEMC
 
IC3 2019 Internet Crime Report
IC3 2019 Internet Crime ReportIC3 2019 Internet Crime Report
IC3 2019 Internet Crime Report- Mark - Fullbright
 
Kaspersky lab financial_cyberthreats_in_2017
Kaspersky lab financial_cyberthreats_in_2017Kaspersky lab financial_cyberthreats_in_2017
Kaspersky lab financial_cyberthreats_in_2017malvvv
 
Grift horse money stealing trojan takes 10m android users for a ride
Grift horse money stealing trojan takes 10m android users for a rideGrift horse money stealing trojan takes 10m android users for a ride
Grift horse money stealing trojan takes 10m android users for a rideRoen Branham
 
Top 15 security predictions for 2017
Top 15 security predictions for 2017Top 15 security predictions for 2017
Top 15 security predictions for 2017Accelerate Tech
 
RSA - Behind the scenes of a fake token mobile app operation
RSA - Behind the scenes of a fake token mobile app operationRSA - Behind the scenes of a fake token mobile app operation
RSA - Behind the scenes of a fake token mobile app operationjuan_h
 
RSA Online Fraud Report - August 2014
RSA Online Fraud Report - August 2014RSA Online Fraud Report - August 2014
RSA Online Fraud Report - August 2014EMC
 
Rpt paradigm shifts
Rpt paradigm shiftsRpt paradigm shifts
Rpt paradigm shiftsmalvvv
 
Rpt paradigm shifts
Rpt paradigm shiftsRpt paradigm shifts
Rpt paradigm shiftsmalvvv
 
Enabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMSEnabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMSPaul Walsh
 
User authentication-info-graphic
User authentication-info-graphicUser authentication-info-graphic
User authentication-info-graphicClickatell
 
2020 Data Breach Investigations Report (DBIR)
2020 Data Breach Investigations Report (DBIR)2020 Data Breach Investigations Report (DBIR)
2020 Data Breach Investigations Report (DBIR)- Mark - Fullbright
 
The Year in Phishing - RSA Fraud Report: January 2013
The Year in Phishing - RSA Fraud Report: January 2013The Year in Phishing - RSA Fraud Report: January 2013
The Year in Phishing - RSA Fraud Report: January 2013EMC
 
Rpt repeating-history
Rpt repeating-historyRpt repeating-history
Rpt repeating-historyAnatoliy Tkachev
 
Android mobile platform security and malware
Android mobile platform security and malwareAndroid mobile platform security and malware
Android mobile platform security and malwareeSAT Publishing House
 
Symantec Website Security Threat Report
Symantec Website Security Threat ReportSymantec Website Security Threat Report
Symantec Website Security Threat Reportcheinyeanlim
 
Whitepaper 2015 industry_drilldown_finance_en
Whitepaper 2015 industry_drilldown_finance_enWhitepaper 2015 industry_drilldown_finance_en
Whitepaper 2015 industry_drilldown_finance_enBankir_Ru
 
Databreach forecast
Databreach forecastDatabreach forecast
Databreach forecastSuresh Kesavan
 
Insecure mag-33
Insecure mag-33Insecure mag-33
Insecure mag-33cheinyeanlim
 
Distil Networks Protecting the Telephony Industry
Distil Networks Protecting the Telephony IndustryDistil Networks Protecting the Telephony Industry
Distil Networks Protecting the Telephony IndustryPaul Hobbs
 
State of Cyber Crime Safety and Security in Banking
State of Cyber Crime Safety and Security in BankingState of Cyber Crime Safety and Security in Banking
State of Cyber Crime Safety and Security in BankingIJSRED
 
Digital ad fraud superheroes the good guys by augustine fou
Digital ad fraud superheroes the good guys by augustine fouDigital ad fraud superheroes the good guys by augustine fou
Digital ad fraud superheroes the good guys by augustine fouDr. Augustine Fou - Independent Ad Fraud Researcher
 
RSA Monthly Online Fraud Report -- August 2013
RSA Monthly Online Fraud Report -- August 2013RSA Monthly Online Fraud Report -- August 2013
RSA Monthly Online Fraud Report -- August 2013EMC
 
Panda labs annual-report-2012
Panda labs annual-report-2012Panda labs annual-report-2012
Panda labs annual-report-2012Комсс Файквэе
 
Answer f4-learning-area-3-ict
Answer f4-learning-area-3-ictAnswer f4-learning-area-3-ict
Answer f4-learning-area-3-ictzahrahar
 
Stronghold to Strengthen: Advanced Windows Server Hardening
Stronghold to Strengthen: Advanced Windows Server HardeningStronghold to Strengthen: Advanced Windows Server Hardening
Stronghold to Strengthen: Advanced Windows Server HardeningMicrosoft TechNet - Belgium and Luxembourg
 

Más contenido relacionado

La actualidad más candente

Top 15 security predictions for 2017
Top 15 security predictions for 2017Top 15 security predictions for 2017
Top 15 security predictions for 2017Accelerate Tech
 
RSA - Behind the scenes of a fake token mobile app operation
RSA - Behind the scenes of a fake token mobile app operationRSA - Behind the scenes of a fake token mobile app operation
RSA - Behind the scenes of a fake token mobile app operationjuan_h
 
RSA Online Fraud Report - August 2014
RSA Online Fraud Report - August 2014RSA Online Fraud Report - August 2014
RSA Online Fraud Report - August 2014EMC
 
Rpt paradigm shifts
Rpt paradigm shiftsRpt paradigm shifts
Rpt paradigm shiftsmalvvv
 
Rpt paradigm shifts
Rpt paradigm shiftsRpt paradigm shifts
Rpt paradigm shiftsmalvvv
 
Enabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMSEnabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMSPaul Walsh
 
User authentication-info-graphic
User authentication-info-graphicUser authentication-info-graphic
User authentication-info-graphicClickatell
 
2020 Data Breach Investigations Report (DBIR)
2020 Data Breach Investigations Report (DBIR)2020 Data Breach Investigations Report (DBIR)
2020 Data Breach Investigations Report (DBIR)- Mark - Fullbright
 
The Year in Phishing - RSA Fraud Report: January 2013
The Year in Phishing - RSA Fraud Report: January 2013The Year in Phishing - RSA Fraud Report: January 2013
The Year in Phishing - RSA Fraud Report: January 2013EMC
 
Android mobile platform security and malware
Android mobile platform security and malwareAndroid mobile platform security and malware
Android mobile platform security and malwareeSAT Publishing House
 
Symantec Website Security Threat Report
Symantec Website Security Threat ReportSymantec Website Security Threat Report
Symantec Website Security Threat Reportcheinyeanlim
 
Whitepaper 2015 industry_drilldown_finance_en
Whitepaper 2015 industry_drilldown_finance_enWhitepaper 2015 industry_drilldown_finance_en
Whitepaper 2015 industry_drilldown_finance_enBankir_Ru
 
Distil Networks Protecting the Telephony Industry
Distil Networks Protecting the Telephony IndustryDistil Networks Protecting the Telephony Industry
Distil Networks Protecting the Telephony IndustryPaul Hobbs
 
State of Cyber Crime Safety and Security in Banking
State of Cyber Crime Safety and Security in BankingState of Cyber Crime Safety and Security in Banking
State of Cyber Crime Safety and Security in BankingIJSRED
 
RSA Monthly Online Fraud Report -- August 2013
RSA Monthly Online Fraud Report -- August 2013RSA Monthly Online Fraud Report -- August 2013
RSA Monthly Online Fraud Report -- August 2013EMC
 

La actualidad más candente (20)

Top 15 security predictions for 2017
Top 15 security predictions for 2017Top 15 security predictions for 2017
Top 15 security predictions for 2017
 
RSA - Behind the scenes of a fake token mobile app operation
RSA - Behind the scenes of a fake token mobile app operationRSA - Behind the scenes of a fake token mobile app operation
RSA - Behind the scenes of a fake token mobile app operation
 
RSA Online Fraud Report - August 2014
RSA Online Fraud Report - August 2014RSA Online Fraud Report - August 2014
RSA Online Fraud Report - August 2014
 
Rpt paradigm shifts
Rpt paradigm shiftsRpt paradigm shifts
Rpt paradigm shifts
 
Rpt paradigm shifts
Rpt paradigm shiftsRpt paradigm shifts
Rpt paradigm shifts
 
Enabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMSEnabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMS
 
User authentication-info-graphic
User authentication-info-graphicUser authentication-info-graphic
User authentication-info-graphic
 
2020 Data Breach Investigations Report (DBIR)
2020 Data Breach Investigations Report (DBIR)2020 Data Breach Investigations Report (DBIR)
2020 Data Breach Investigations Report (DBIR)
 
The Year in Phishing - RSA Fraud Report: January 2013
The Year in Phishing - RSA Fraud Report: January 2013The Year in Phishing - RSA Fraud Report: January 2013
The Year in Phishing - RSA Fraud Report: January 2013
 
Rpt repeating-history
Rpt repeating-historyRpt repeating-history
Rpt repeating-history
 
Android mobile platform security and malware
Android mobile platform security and malwareAndroid mobile platform security and malware
Android mobile platform security and malware
 
Symantec Website Security Threat Report
Symantec Website Security Threat ReportSymantec Website Security Threat Report
Symantec Website Security Threat Report
 
Whitepaper 2015 industry_drilldown_finance_en
Whitepaper 2015 industry_drilldown_finance_enWhitepaper 2015 industry_drilldown_finance_en
Whitepaper 2015 industry_drilldown_finance_en
 
Databreach forecast
Databreach forecastDatabreach forecast
Databreach forecast
 
Insecure mag-33
Insecure mag-33Insecure mag-33
Insecure mag-33
 
Distil Networks Protecting the Telephony Industry
Distil Networks Protecting the Telephony IndustryDistil Networks Protecting the Telephony Industry
Distil Networks Protecting the Telephony Industry
 
State of Cyber Crime Safety and Security in Banking
State of Cyber Crime Safety and Security in BankingState of Cyber Crime Safety and Security in Banking
State of Cyber Crime Safety and Security in Banking
 
Digital ad fraud superheroes the good guys by augustine fou
Digital ad fraud superheroes the good guys by augustine fouDigital ad fraud superheroes the good guys by augustine fou
Digital ad fraud superheroes the good guys by augustine fou
 
RSA Monthly Online Fraud Report -- August 2013
RSA Monthly Online Fraud Report -- August 2013RSA Monthly Online Fraud Report -- August 2013
RSA Monthly Online Fraud Report -- August 2013
 
Panda labs annual-report-2012
Panda labs annual-report-2012Panda labs annual-report-2012
Panda labs annual-report-2012
 

Destacado

Answer f4-learning-area-3-ict
Answer f4-learning-area-3-ictAnswer f4-learning-area-3-ict
Answer f4-learning-area-3-ictzahrahar
 
Atomic theory
Atomic theoryAtomic theory
Atomic theoryFLI
 
THE GLOBAL FOOD BOMB AND THE VIOLENT HUNGRY MILLIONS
THE GLOBAL FOOD BOMB AND THE VIOLENT HUNGRY MILLIONS THE GLOBAL FOOD BOMB AND THE VIOLENT HUNGRY MILLIONS
THE GLOBAL FOOD BOMB AND THE VIOLENT HUNGRY MILLIONS Dr. Raju M. Mathew
 
BIOENERGY TECHNOLOGY STATUS IN THAILAND: CHALLENGES AND OPPORTUNITIES
BIOENERGY TECHNOLOGY STATUS IN THAILAND: CHALLENGES AND OPPORTUNITIESBIOENERGY TECHNOLOGY STATUS IN THAILAND: CHALLENGES AND OPPORTUNITIES
BIOENERGY TECHNOLOGY STATUS IN THAILAND: CHALLENGES AND OPPORTUNITIESSrichattra Chaivongvilan
 
Topic 3 Double entry book keeping
Topic 3 Double entry book keepingTopic 3 Double entry book keeping
Topic 3 Double entry book keepingSrinivas Methuku
 
What Is Async, How Does It Work, And When Should I Use It?
What Is Async, How Does It Work, And When Should I Use It?What Is Async, How Does It Work, And When Should I Use It?
What Is Async, How Does It Work, And When Should I Use It?emptysquare
 

Destacado (16)

Answer f4-learning-area-3-ict
Answer f4-learning-area-3-ictAnswer f4-learning-area-3-ict
Answer f4-learning-area-3-ict
 
Stronghold to Strengthen: Advanced Windows Server Hardening
Stronghold to Strengthen: Advanced Windows Server HardeningStronghold to Strengthen: Advanced Windows Server Hardening
Stronghold to Strengthen: Advanced Windows Server Hardening
 
Proteins Slides
Proteins SlidesProteins Slides
Proteins Slides
 
Jose gafas
Jose gafasJose gafas
Jose gafas
 
Kvinder i sydafrika
Kvinder i sydafrikaKvinder i sydafrika
Kvinder i sydafrika
 
Part
PartPart
Part
 
Atomic theory
Atomic theoryAtomic theory
Atomic theory
 
Renaissance art
Renaissance artRenaissance art
Renaissance art
 
THE GLOBAL FOOD BOMB AND THE VIOLENT HUNGRY MILLIONS
THE GLOBAL FOOD BOMB AND THE VIOLENT HUNGRY MILLIONS THE GLOBAL FOOD BOMB AND THE VIOLENT HUNGRY MILLIONS
THE GLOBAL FOOD BOMB AND THE VIOLENT HUNGRY MILLIONS
 
Mayrikis voski dzerqer
Mayrikis voski dzerqerMayrikis voski dzerqer
Mayrikis voski dzerqer
 
BIOENERGY TECHNOLOGY STATUS IN THAILAND: CHALLENGES AND OPPORTUNITIES
BIOENERGY TECHNOLOGY STATUS IN THAILAND: CHALLENGES AND OPPORTUNITIESBIOENERGY TECHNOLOGY STATUS IN THAILAND: CHALLENGES AND OPPORTUNITIES
BIOENERGY TECHNOLOGY STATUS IN THAILAND: CHALLENGES AND OPPORTUNITIES
 
Topic 3 Double entry book keeping
Topic 3 Double entry book keepingTopic 3 Double entry book keeping
Topic 3 Double entry book keeping
 
Photo album
Photo albumPhoto album
Photo album
 
արարատ (1)
արարատ (1)արարատ (1)
արարատ (1)
 
Mi3
Mi3Mi3
Mi3
 
What Is Async, How Does It Work, And When Should I Use It?
What Is Async, How Does It Work, And When Should I Use It?What Is Async, How Does It Work, And When Should I Use It?
What Is Async, How Does It Work, And When Should I Use It?
 

Similar a RSA Monthly Online Fraud Report - June 2013

14 cyber threats
14 cyber threats14 cyber threats
14 cyber threatsmahesh43211
 
M86 security predictions 2011
M86 security predictions 2011M86 security predictions 2011
M86 security predictions 2011subramanian K
 
Qrator Labs annual report 2017
Qrator Labs annual report 2017Qrator Labs annual report 2017
Qrator Labs annual report 2017Qrator Labs
 
CrossTalk - The Art of Cyber Bank Robbery - Stealing your Money Through Insid...
CrossTalk - The Art of Cyber Bank Robbery - Stealing your Money Through Insid...CrossTalk - The Art of Cyber Bank Robbery - Stealing your Money Through Insid...
CrossTalk - The Art of Cyber Bank Robbery - Stealing your Money Through Insid...Aditya K Sood
 
Fraud & Abuse Report 2020 by Arkose LabsFraud report q1 2020
Fraud & Abuse Report 2020 by Arkose LabsFraud report q1 2020Fraud & Abuse Report 2020 by Arkose LabsFraud report q1 2020
Fraud & Abuse Report 2020 by Arkose LabsFraud report q1 2020Jeff Martinez
 
08 notable-security-incidents-in-the-finance-sector
08 notable-security-incidents-in-the-finance-sector08 notable-security-incidents-in-the-finance-sector
08 notable-security-incidents-in-the-finance-sectorChristos Laganas
 
Security News Bytes March 2020
Security News Bytes March 2020Security News Bytes March 2020
Security News Bytes March 2020Hiren Sadhwani
 
08 notable-security-incidents-in-the-finance-sector
08 notable-security-incidents-in-the-finance-sector08 notable-security-incidents-in-the-finance-sector
08 notable-security-incidents-in-the-finance-sectorinnov-acts-ltd
 
CYREN 2013년 인터넷 위협 보고서_영문
CYREN 2013년 인터넷 위협 보고서_영문CYREN 2013년 인터넷 위협 보고서_영문
CYREN 2013년 인터넷 위협 보고서_영문Jiransoft Korea
 
2021 Cybersecurity Recap: How Did We Fare Last Year?
2021 Cybersecurity Recap: How Did We Fare Last Year? 2021 Cybersecurity Recap: How Did We Fare Last Year?
2021 Cybersecurity Recap: How Did We Fare Last Year? XNSPY
 
Symantec Intelligence Report August 2013
Symantec Intelligence Report August 2013Symantec Intelligence Report August 2013
Symantec Intelligence Report August 2013Kenn Peterson
 
Panda labs annual report 2012
Panda labs annual report 2012Panda labs annual report 2012
Panda labs annual report 2012Itex Solutions
 

Similar a RSA Monthly Online Fraud Report - June 2013 (20)

14 cyber threats
14 cyber threats14 cyber threats
14 cyber threats
 
M86 security predictions 2011
M86 security predictions 2011M86 security predictions 2011
M86 security predictions 2011
 
AVG Q3 2012 Threat Report
AVG Q3 2012 Threat ReportAVG Q3 2012 Threat Report
AVG Q3 2012 Threat Report
 
Mobile threat report_q3_2013
Mobile threat report_q3_2013Mobile threat report_q3_2013
Mobile threat report_q3_2013
 
Rp threat-predictions-2013
Rp threat-predictions-2013Rp threat-predictions-2013
Rp threat-predictions-2013
 
Qrator Labs annual report 2017
Qrator Labs annual report 2017Qrator Labs annual report 2017
Qrator Labs annual report 2017
 
CrossTalk - The Art of Cyber Bank Robbery - Stealing your Money Through Insid...
CrossTalk - The Art of Cyber Bank Robbery - Stealing your Money Through Insid...CrossTalk - The Art of Cyber Bank Robbery - Stealing your Money Through Insid...
CrossTalk - The Art of Cyber Bank Robbery - Stealing your Money Through Insid...
 
Fraud & Abuse Report 2020 by Arkose LabsFraud report q1 2020
Fraud & Abuse Report 2020 by Arkose LabsFraud report q1 2020Fraud & Abuse Report 2020 by Arkose LabsFraud report q1 2020
Fraud & Abuse Report 2020 by Arkose LabsFraud report q1 2020
 
08 notable-security-incidents-in-the-finance-sector
08 notable-security-incidents-in-the-finance-sector08 notable-security-incidents-in-the-finance-sector
08 notable-security-incidents-in-the-finance-sector
 
Security News Bytes March 2020
Security News Bytes March 2020Security News Bytes March 2020
Security News Bytes March 2020
 
News Bytes
News BytesNews Bytes
News Bytes
 
08 notable-security-incidents-in-the-finance-sector
08 notable-security-incidents-in-the-finance-sector08 notable-security-incidents-in-the-finance-sector
08 notable-security-incidents-in-the-finance-sector
 
CYREN 2013년 인터넷 위협 보고서_영문
CYREN 2013년 인터넷 위협 보고서_영문CYREN 2013년 인터넷 위협 보고서_영문
CYREN 2013년 인터넷 위협 보고서_영문
 
Emerging Threats to Digital Payments - Is Your Business Ready
Emerging Threats to Digital Payments - Is Your Business ReadyEmerging Threats to Digital Payments - Is Your Business Ready
Emerging Threats to Digital Payments - Is Your Business Ready
 
2021 Cybersecurity Recap: How Did We Fare Last Year?
2021 Cybersecurity Recap: How Did We Fare Last Year? 2021 Cybersecurity Recap: How Did We Fare Last Year?
2021 Cybersecurity Recap: How Did We Fare Last Year?
 
B intelligence report-08-2013.en-us
B intelligence report-08-2013.en-usB intelligence report-08-2013.en-us
B intelligence report-08-2013.en-us
 
Symantec Intelligence Report August 2013
Symantec Intelligence Report August 2013Symantec Intelligence Report August 2013
Symantec Intelligence Report August 2013
 
HinDroid
HinDroidHinDroid
HinDroid
 
Panda labs annual report 2012
Panda labs annual report 2012Panda labs annual report 2012
Panda labs annual report 2012
 
220715_Cybersecurity: What's at stake?
220715_Cybersecurity: What's at stake?220715_Cybersecurity: What's at stake?
220715_Cybersecurity: What's at stake?
 

Más de EMC

INDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUD
INDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUDINDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUD
INDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUDEMC
 
Cloud Foundry Summit Berlin Keynote
Cloud Foundry Summit Berlin Keynote Cloud Foundry Summit Berlin Keynote
Cloud Foundry Summit Berlin Keynote EMC
 
EMC GLOBAL DATA PROTECTION INDEX
EMC GLOBAL DATA PROTECTION INDEX EMC GLOBAL DATA PROTECTION INDEX
EMC GLOBAL DATA PROTECTION INDEX EMC
 
Transforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIO
Transforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIOTransforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIO
Transforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIOEMC
 
Citrix ready-webinar-xtremio
Citrix ready-webinar-xtremioCitrix ready-webinar-xtremio
Citrix ready-webinar-xtremioEMC
 
EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES
EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES
EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES EMC
 
EMC with Mirantis Openstack
EMC with Mirantis OpenstackEMC with Mirantis Openstack
EMC with Mirantis OpenstackEMC
 
Modern infrastructure for business data lake
Modern infrastructure for business data lakeModern infrastructure for business data lake
Modern infrastructure for business data lakeEMC
 
Force Cyber Criminals to Shop Elsewhere
Force Cyber Criminals to Shop ElsewhereForce Cyber Criminals to Shop Elsewhere
Force Cyber Criminals to Shop ElsewhereEMC
 
Pivotal : Moments in Container History
Pivotal : Moments in Container History Pivotal : Moments in Container History
Pivotal : Moments in Container History EMC
 
Data Lake Protection - A Technical Review
Data Lake Protection - A Technical ReviewData Lake Protection - A Technical Review
Data Lake Protection - A Technical ReviewEMC
 
Mobile E-commerce: Friend or Foe
Mobile E-commerce: Friend or FoeMobile E-commerce: Friend or Foe
Mobile E-commerce: Friend or FoeEMC
 
Virtualization Myths Infographic
Virtualization Myths Infographic Virtualization Myths Infographic
Virtualization Myths Infographic EMC
 
Intelligence-Driven GRC for Security
Intelligence-Driven GRC for SecurityIntelligence-Driven GRC for Security
Intelligence-Driven GRC for SecurityEMC
 
The Trust Paradox: Access Management and Trust in an Insecure Age
The Trust Paradox: Access Management and Trust in an Insecure AgeThe Trust Paradox: Access Management and Trust in an Insecure Age
The Trust Paradox: Access Management and Trust in an Insecure AgeEMC
 
EMC Technology Day - SRM University 2015
EMC Technology Day - SRM University 2015EMC Technology Day - SRM University 2015
EMC Technology Day - SRM University 2015EMC
 
EMC Academic Summit 2015
EMC Academic Summit 2015EMC Academic Summit 2015
EMC Academic Summit 2015EMC
 
Data Science and Big Data Analytics Book from EMC Education Services
Data Science and Big Data Analytics Book from EMC Education ServicesData Science and Big Data Analytics Book from EMC Education Services
Data Science and Big Data Analytics Book from EMC Education ServicesEMC
 
Using EMC Symmetrix Storage in VMware vSphere Environments
Using EMC Symmetrix Storage in VMware vSphere EnvironmentsUsing EMC Symmetrix Storage in VMware vSphere Environments
Using EMC Symmetrix Storage in VMware vSphere EnvironmentsEMC
 
Using EMC VNX storage with VMware vSphereTechBook
Using EMC VNX storage with VMware vSphereTechBookUsing EMC VNX storage with VMware vSphereTechBook
Using EMC VNX storage with VMware vSphereTechBookEMC
 

Más de EMC (20)

INDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUD
INDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUDINDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUD
INDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUD
 
Cloud Foundry Summit Berlin Keynote
Cloud Foundry Summit Berlin Keynote Cloud Foundry Summit Berlin Keynote
Cloud Foundry Summit Berlin Keynote
 
EMC GLOBAL DATA PROTECTION INDEX
EMC GLOBAL DATA PROTECTION INDEX EMC GLOBAL DATA PROTECTION INDEX
EMC GLOBAL DATA PROTECTION INDEX
 
Transforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIO
Transforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIOTransforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIO
Transforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIO
 
Citrix ready-webinar-xtremio
Citrix ready-webinar-xtremioCitrix ready-webinar-xtremio
Citrix ready-webinar-xtremio
 
EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES
EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES
EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES
 
EMC with Mirantis Openstack
EMC with Mirantis OpenstackEMC with Mirantis Openstack
EMC with Mirantis Openstack
 
Modern infrastructure for business data lake
Modern infrastructure for business data lakeModern infrastructure for business data lake
Modern infrastructure for business data lake
 
Force Cyber Criminals to Shop Elsewhere
Force Cyber Criminals to Shop ElsewhereForce Cyber Criminals to Shop Elsewhere
Force Cyber Criminals to Shop Elsewhere
 
Pivotal : Moments in Container History
Pivotal : Moments in Container History Pivotal : Moments in Container History
Pivotal : Moments in Container History
 
Data Lake Protection - A Technical Review
Data Lake Protection - A Technical ReviewData Lake Protection - A Technical Review
Data Lake Protection - A Technical Review
 
Mobile E-commerce: Friend or Foe
Mobile E-commerce: Friend or FoeMobile E-commerce: Friend or Foe
Mobile E-commerce: Friend or Foe
 
Virtualization Myths Infographic
Virtualization Myths Infographic Virtualization Myths Infographic
Virtualization Myths Infographic
 
Intelligence-Driven GRC for Security
Intelligence-Driven GRC for SecurityIntelligence-Driven GRC for Security
Intelligence-Driven GRC for Security
 
The Trust Paradox: Access Management and Trust in an Insecure Age
The Trust Paradox: Access Management and Trust in an Insecure AgeThe Trust Paradox: Access Management and Trust in an Insecure Age
The Trust Paradox: Access Management and Trust in an Insecure Age
 
EMC Technology Day - SRM University 2015
EMC Technology Day - SRM University 2015EMC Technology Day - SRM University 2015
EMC Technology Day - SRM University 2015
 
EMC Academic Summit 2015
EMC Academic Summit 2015EMC Academic Summit 2015
EMC Academic Summit 2015
 
Data Science and Big Data Analytics Book from EMC Education Services
Data Science and Big Data Analytics Book from EMC Education ServicesData Science and Big Data Analytics Book from EMC Education Services
Data Science and Big Data Analytics Book from EMC Education Services
 
Using EMC Symmetrix Storage in VMware vSphere Environments
Using EMC Symmetrix Storage in VMware vSphere EnvironmentsUsing EMC Symmetrix Storage in VMware vSphere Environments
Using EMC Symmetrix Storage in VMware vSphere Environments
 
Using EMC VNX storage with VMware vSphereTechBook
Using EMC VNX storage with VMware vSphereTechBookUsing EMC VNX storage with VMware vSphereTechBook
Using EMC VNX storage with VMware vSphereTechBook
 

Último

Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 

Último (20)

Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 

RSA Monthly Online Fraud Report - June 2013

  • 1. F R A U D R E P O R T BUGAT TROJAN JOINS THE MOBILE REVOLUTION June 2013 RSA researchers analyzing Bugat Trojan attacks have recently learned that Bugat’s developers managed to develop and deploy mobile malware designed to hijack out-of-band authentication codes sent to bank customers via text messages. Bugat (aka: Cridex) was discovered and sampled in the wild as early as August 2010. This privately-owned crimeware’s earlier targets were business and corporate accounts, its operators attempting high-value transactions ($100K-$200K USD per day) in both automated and manual fraud schemes. It is very likely that Bugat’s operators started seeing a diminished ability to target high-value accounts due to added authentication challenges, forcing them to resort to developing a malware component that is already used by many mainstream banking Trojans in the wild. BITMO: A LITTLE LATE IN THE GAME? In somewhat tardy fashion, Bugat joins the lineup of banking malware that makes use of SMS capturing mobiles apps. The first occurrences of such malware were observed in use by Zeus and SpyEye Trojan variants, which were respectively dubbed ZitMo and SPitMo (Zeus-in-the-Mobile, SpyEye-in-the-Mobile). In mid-2012, RSA coined the name CitMo to denote the Citadel breed of in-the-Mobile activity. The fourth Trojan for which malicious apps were discovered was Carberp in early 2013, and with this case, Bugat is the most recent banking Trojan to have its own SMS-forwarding app, now coined BitMo. WEB INJECTIONS PAVE THE ROAD Among other banking Trojan features, Bugat comes with a set of HTML injections for online banking fraud and possesses Man-in-the-Browser script functionality. This very feature is what allows it to interact with victims in real time and lead them to download
  • 2. page 2 the BitMo mobile malware to their Android/BlackBerry/Symbian devices. iOs remains almost entirely exempt from this type of malware since the Apple policy limits app downloads from third party sites. Bugat’s operators are not doing anything novel. Much as observed in the case of Citadel- in-the-Mobile (which emerged in May 2012), the malware’s developers created classic web injections, albeit very visually-appealing, designed to show up on the client-side and communicate social engineering messages to the victim. When Bugat-infected online banking customers access their financial provider’s login page, the Trojan is triggered to dynamically pull a relevant set of injections from the remote server, displays them to the victim and leads them to the BitMo download under the guise of AES encryption being adopted by the bank. The malware requests application permissions linked with the SMS relay, while the next injection on the PC side requests that the victim enter a code appearing on the mobile device – connecting the infected PC and the mobile handset. Once installed and deployed BitMo begins hijacking and concealing incoming text messages from the bank, disabling the phones’ audio alerts, and forwarding the relevant messages to its operators’ drop zones. Bugat’s entrance to the mobile space only demonstrates the increasing use of SMS-forwarders as part of Trojan-facilitated fraud. IN-THE-MOBILE MALWARE EVERYWHERE Although the injection set created by Bugat’s developers, as well as the distribution mechanism designed for delivering APKs/BlackBerry OS BitMo apps are indeed sophisticated, the actual malware apps are rather basic and show no innovation. That being said, it is very clear that all banking Trojans, both commercial and privately operated codes, are increasingly making use of SMS-forwarders in their criminal operation.
  • 3. page 3 Phishing Attacks per Month RSA identified 36,966 phishing attacks launched worldwide in May, marking a 37% increase in attack volume. Trending data shows that a rise in phishing attacks typically occurs in Q2. Number of Brands Attacked In May, 351 brands were targeted in phishing attacks, marking a 13% increase. Two new entities suffered their first attack in May. 0 10000 20000 30000 40000 50000 60000 Source:RSAAnti-FraudCommandCenter 37878 51906 59406 49488 35440 33768 41834 29581 30151 27463 24347 26902 36966 May12 Jun12 Jul12 Aug12 Sep12 Oct12 Nov12 Dec12 Jan13 Feb13 Mar13 Apr13 May13 0 50 100 150 200 250 300 350 400 Source:RSAAnti-FraudCommandCenter 298 259 242 290 314 269 284 257 291 257 260 311 351 May12 Jun12 Jul12 Aug12 Sep12 Oct12 Nov12 Dec12 Jan13 Feb13 Mar13 Apr13 May13
  • 4. page 4 Top Countries by Attack Volume The U.S. remained the country most targeted by phishing in May, absorbing 50% of the total phishing volume. The UK held steady, once again recording 11% of attack volume. South Africa, the Netherlands, Canada, Australia, and India accounted for about one-quarter of attack volume. UKGermanyChinaCanadaSouth KoreaAustraliaa United Kingdom 11% U.S. 50% India 4% South Africa 5% Canada 5% Australia 5% Netherlands 5% 50 Other Countries 15% US Bank Types Attacked U.S. nationwide banks maintained the highest volume of phishing in May while regional banks saw a 7% increase in phishing volume, from 12% to 19%. Since February, the attack volumes targeting regional banks and credit unions have fluctuated quite a bit. 0 20 40 60 80 100 Source:RSAAnti-FraudCommandCenter 20% 10% 11% 11% 9% 9% 12% 6% 15% 8% 17% 15% 8% 18% 12% 15% 15% 14% 14% 9% 15% 15% 23% 23% 12% 19% 62% 78% 74% 74% 77% 77% 79% 79% 70% 69% 60% 73% 73% May12 Jun12 Jul12 Aug12 Sep12 Oct12 Nov12 Dec12 Jan13 Feb13 Mar13 Apr13 May13
  • 5. page 5 BIndiaNetherlandsCanadaItalyChinaS AfricaUS Top Countries by Attacked Brands U.S. brands remained the most targeted by phishing among worldwide brands, absorbing 30% of phishing volume in May. UK brands were targeted by one-tenth of phishing volume followed by India, China and Brazil. Top Hosting Countries The U.S. remained the top hosting country in May, hosting 47% of global phishing attacks. Germany was the second top hosting country with 8% of attacks hosted within the country, followed by the UK, the Netherlands, France, and Canada. U.S. 47% 61 Other Countries 30% Germany 8% Canada 3% France 3% Netherlands 4% United Kingdom 5% BraIndiaNetherlandsCanadaItalyChinaS AfricaUSa United Kingdom 9% 50 Other Countries 39% U.S. 30% Brazil 4% Canada 4% China 4% India 6% France 4%
  • 6. www.emc.com/rsa CONTACT US To learn more about how RSA products, services, and solutions help solve your business and IT challenges contact your local representative or authorized reseller – or visit us at www.emc.com/rsa ©2013 EMC Corporation. EMC, RSA, the RSA logo, and FraudAction are trademarks or registered trademarks of EMC Corporation in the U.S. and/or other countries. All other trademarks mentioned are the property of their respective holders. JUN RPT 0613