Warning: Undefined array key "HTTP_ACCEPT_LANGUAGE" in /home/u596154002/domains/usbusinessreviews.com/public_html/wp-includes/load.php on line 2057

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the rank-math domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u596154002/domains/usbusinessreviews.com/public_html/wp-includes/functions.php on line 6114
Asian banks are a favorite target of cybercooks, and malicious bots their preferred tool - Best Business Review Site 2024

Asian banks are a favorite target of cybercooks, and malicious bots their preferred tool

[ad_1]

colorful laptop

Andrew Brookes/Getty Images

Financial institutions are hot favorites among cybercriminals, with those in Asia-Pacific among the most targeted by malicious bot requests and API (application programming interface) attacks. 

Malicious bot traffic in Asia-Pacific including Japan climbed 128% from last year, as hackers turned to bots for scale, efficiency, and impact. The region was the second-most targeted for malicious bot requests against financial services, accounting for 39.7% of the global total volume, according to Akamai’s latest State of the Internet report. 

Also: This data platform will help banks share criminal intelligence

Such attacks include website scraping to impersonate websites of financial services providers for phishing scams, as well as credential stuffing, during which user credentials such as usernames and passwords are stolen via automated injections to take over accounts. 

Asia-Pacific Japan also saw a 36% increase in web application and API attacks, clocking more than 3.7 billion attacks over the past year. Local file inclusion, where vulnerabilities in web servers or applications are exploited to gain access to files stored locally, remains the top attack vector, accounting for 63.2% of all attacks. Cross-site scripting was the second-most popular vector, accounting for 21.3% of all attacks, followed by PHP injection at 6.32%. 

The Akamai report noted that 92.3% of attacks against the region’s financial sector were directed toward banks.

The sector also bore half of all web application and API attacks in Asia-Pacific Japan, followed by the commerce sector at 19.99% and social media at 8.3%. 

Global financial hubs Australia, Singapore, and Japan were the top three most targeted countries in the region, collectively taking on more than three-quarters of all web application and API attacks. 

Akamai noted that financial services institutions will face increasing risks as they expand their digital footprint to gain competitive ground and reach more customers. As it is, 40% of scripts used by these organizations are third-party in nature, as they work to develop more channels and improve customer experience. 

Also: The best security keys

“[The region’s] financial services sector is one of the most innovative and competitive in the world, [with] financial institutions increasingly turning to third-party scripts to quickly add new offerings, features, and interactive experiences for customers,” said Reuben Koh, Akamai’s Asia-Pacific Japan security technology and strategy director. 

“However, businesses usually have limited visibility into the authenticity and potential vulnerabilities of these scripts, introducing yet another layer of risk to the business,” Koh said. “Due to this limited visibility of risky third-party scripts, threat actors now have yet another vector to launch attacks against banks and their customers.”

He noted that with the growing popularity of financial aggregators and companies adopting open banking practices, the sector will be increasingly dependent on the use of APIs and third-party scripts. This will further widen attack surfaces, he cautioned. 

“Financial institutions must focus on securing new digital offerings, continuously educating customers on cyber hygiene best practices, and investing in frictionless security measures for users,” he added. “As regulators enforce policies to strengthen cybersecurity standards, it is also important for financial services organizations to understand and account for new compliance requirements while strengthening their security posture and cyber resilience against modern cyber threats.”

Also: The best VPN services right now: Expert tested and reviewed

Singapore is among the regulators that have taken steps to beef up the digital defense of critical information infrastructures, including the financial sector. It introduced security measures over the past year, following a series of phishing SMS scams that had wiped out victims’ life savings. 

Such measures included the need for SMS service providers to check against a registry before sending through messages and for banks to provide a “kill switch”, allowing customers to quickly suspend their accounts should they suspect a security breach.

More Singapore banks roll out anti-malware feature

More recently, Singapore banks began introducing an anti-malware feature that locks out account access if mobile apps downloaded from unofficial app stores are detected on the user’s device. OCBC, which was involved in the phishing scams, was the first to launch the feature last month, but took on some backlash when customers found themselves unable to access their accounts despite only having downloaded legitimate apps onto their devices. 

Two other local banks — DBS and UOB — this week followed suit, rolling out the anti-malware security feature, restricting customers’ access to their respective banking apps if apps from third-party and unauthorized sites are detected. Permission settings deemed “risky” that have been enabled on the user’s device also will result in restricted access.

In all cases, customers will have to disable such permission settings or uninstall apps identified as unauthorized before they can access their bank’s app or digital services.

Also: AI, trust, and data security are key issues for finance firms and their customers

In a note to its customers on the new security measures, UOB said: “We will be restricting access to UOB TMRW app when screen-sharing or when mobile apps with risky permissions are detected, as this may compromise your banking and personal information…These security measures are necessary to protect you from exposure to malware scams. We value your privacy. You can be assured these new features do not monitor your phone activity, collect or store any personal data.”

If unauthorized apps are detected, an error screen will pop up on UOB customers’ devices, highlighting the name of the app, and the session will be terminated. An error message also will be displayed if external apps or tools are detected attempting to access the bank’s app. Users will have to stop screen-sharing on the other app or tool, in order to continue using the UOB app. 



[ad_2]

Source link

slot gacor slot gacor togel macau slot hoki bandar togel slot dana slot mahjong link slot link slot777 slot gampang maxwin slot hoki slot mahjong slot maxwin slot mpo slot777 slot toto slot toto situs toto toto slot situs toto situs toto situs toto situs toto slot88 toto slot slot gacor thailand slot bet receh situs toto situs toto slot toto slot situs toto situs toto situs toto situs togel macau toto slot slot demo slot pulsa slot pragmatic situs toto deposit dana 10k surga slot toto slot link situs toto situs toto slot situs toto situs toto slot777 slot gacor situs toto slot slot pulsa 10k toto togel situs toto slot situs toto slot gacor terpercaya slot dana slot gacor pay4d agen sbobet kedai168 kedai168 deposit pulsa situs toto slot pulsa situs toto slot pulsa situs toto situs toto situs toto slot dana toto slot situs toto slot pulsa toto slot situs toto slot pulsa situs toto situs toto situs toto toto slot toto slot slot toto akun pro maxwin situs toto slot gacor maxwin slot gacor maxwin situs toto slot slot depo 10k toto slot toto slot situs toto situs toto toto slot toto slot toto slot toto togel slot toto togel situs toto situs toto toto slot slot gacor slot gacor slot gacor situs toto situs toto cytotec toto slot situs toto situs toto toto slot situs toto situs toto slot gacor maxwin slot gacor maxwin link slot 10k slot gacor maxwin slot gacor slot pulsa situs slot 10k slot 10k toto slot toto slot situs toto situs toto situs toto bandar togel 4d toto slot toto slot