F-Secure details the inner workings of online bank fraud
Experts from security firm F-Secure have published a highly interesting infographic to show less techie users how cybercriminals manage to gain access to our bank accounts and steal our money.Cyber bank robberies affect all of us and anyone can become a victim of such crimes. In 2010, the US FBI investigated a total of 390 banking fraud cases and the numbers have grown ever since.
So how do cybercriminals manage to steal our money without marching into a bank with guns?
The first thing they do is launch a spam campaign. They send out millions of malicious emails in an attempt to trick users into visiting their cleverly set up websites.
These websites are actually part two of the operation since they contain an exploit kit which “opens the door” to a Trojan downloader.
This malicious element downloads a piece of banking Trojan, the one that’s responsible for stealing our credentials. When a banking Trojan is installed into a computer, the details we’re entering on the bank’s website (or on a site that mimics it) are handed over to the crooks.
Once they have access to our bank accounts, they transfer our funds to the accounts of money mules, individuals who knowingly or unknowingly help the masterminds obtain the actual money.