The number of banking Trojan attacks that steal payment data doubled in 2022 compared to 2021 and reached almost 20 million attacks, according to a Kaspersky report. Especially on Black Friday, cybercriminals used a new type of phishing scheme for the first time using Buy Now Pay Later (BNPL) services.
This year, in addition to this active campaign to steal bank credentials, cybercriminals have developed new fraud schemes.
They first used a new type of phishing scheme using Buy Now Pay Later (BNPL) services.
Banking Trojans are widely used tools in the arsenal of cybercriminals who take advantage of the season of deals. When a user browses an online store, the Trojan saves all the data that the user enters into the site’s forms. This means that cybercriminals have access to the victim’s credit or debit card number, expiration date, CVV code and login details. After receiving this information, attackers can use it to steal money from the user’s bank account, as well as to make various purchases or sell data in dark web stores.
After a sharp decline in the number of banking Trojan attacks in 2021, cybercriminals have returned to this type of threat, much more prepared. In 2022, the number of attacks doubled compared to the same period in 2021. From January to November, Kaspersky products detected and prevented almost 20 million attacks, which represents a global increase in the number of detections by 92%.
In 2022, Kaspersky experts also discovered numerous examples of phishing pages using BNPL services for the first time. These tools allow customers to split the purchase price into several interest-free payments. Thus, such services attract consumers, especially young people, and have proven to be particularly popular during shopping periods such as Black Friday.
An example of this fraud is the abuse of the popular service Afterpay (Clearpay in the UK and Italy), which has 20 million active users worldwide. The attackers created a page that mimics the official website, tricking victims into entering their credit card numbers and CVVs into a fake form. After the user enters their details, cybercriminals will try to steal as much money as possible from that card by draining the victim’s account.
Photo source: Dreamstime.com
Mary Robinson is a renowned journalist in the field of Automobile. She currently works as a writer at 247 news reel. With a keen eye for detail and a passion for all things Automotive, Mary’s writing provides readers with in-depth analysis and unique perspectives on the latest developments in the field.