Financial professionals targeted by sophisticated 'keylogger' malware

Financial professionals targeted by sophisticated 'keylogger' malware
New computer viruses designed specifically for financial institutions can avoid attack, steal login information and hijack payment transfers.
JUN 06, 2018
The good news is that financial institutions are better than other industries at preventing malware and other hacker threats, according to a new report from cybersecurity firm Lastline. The bad news: that higher level of security is inspiring more sophisticated attacks. Lastline's analysis of malware samples found at all kinds of finance firms included an unusually large number of keyloggers, a type of malware that records keystrokes entered into a computer and sends username and password information out to a third party. (More: Finra: Firms begin to heed cybersecurity, but have much to do) Instead of phishing scams, which use a fake website page to convince victims to enter their information, keyloggers are programs downloaded, usually through an email attachment, and act in the background. Instead of information to one website, keyloggers can track every user name and password entered, and even gather answers to security questions. Andy Norton, Lastline's director of threat intelligence and author of the report, said one keylogger can result in 50 sets of stolen login credentials. "Keylogging is more bang for the buck for the attacker," Mr. Norton said. In particular, financial institutions are being targeted by two keyloggers, Emotet and URSNIF, which were designed specifically to operate undetected in a firm's technology, Mr. Norton said. These malwares, which infect a computer through a Microsoft Office document, can evade detection and hijack transfer payments. "They are aware of a financial system's back end," Mr. Norton added. "The malwares are built to survive in an enterprise security network." Lastline's analysis found that financial institutions faced 47% more malicious files than the global average, and 20% more of these advanced malwares. (More: This is the No. 1 cybersecurity threat to financial advisers, experts say) Mr. Norton's advice to advisers is to not simply rely on the cybersecurity provided by their home office, but to educate employees and clients on how to be safe online. As with phishing scams and other cyber-threats, advisers and clients both have to be vigilant in which websites they visit, who they share information with, and what they download. "If you understand what something is doing before you let it into your environment, you can have a higher level of resilience," he said.

Latest News

JPMorgan tells fintech firms to start paying for customer data
JPMorgan tells fintech firms to start paying for customer data

The move to charge data aggregators fees totaling hundreds of millions of dollars threatens to upend business models across the industry.

FINRA snapshot shows concentration in largest firms, coastal states
FINRA snapshot shows concentration in largest firms, coastal states

The latest snapshot report reveals large firms overwhelmingly account for branches and registrants as trend of net exits from FINRA continues.

Why advisors to divorcing couples shouldn't bet on who'll stay
Why advisors to divorcing couples shouldn't bet on who'll stay

Siding with the primary contact in a marriage might make sense at first, but having both parties' interests at heart could open a better way forward.

SEC spanks closed Osaic RIA for conflicts, over-charging clients on alternatives
SEC spanks closed Osaic RIA for conflicts, over-charging clients on alternatives

With more than $13 billion in assets, American Portfolios Advisors closed last October.

William Blair taps former Raymond James executive to lead investment management business
William Blair taps former Raymond James executive to lead investment management business

Robert D. Kendall brings decades of experience, including roles at DWS Americas and a former investment unit within Morgan Stanley, as he steps into a global leadership position.

SPONSORED How advisors can build for high-net-worth complexity

Orion's Tom Wilson on delivering coordinated, high-touch service in a world where returns alone no longer set you apart.

SPONSORED RILAs bring stability, growth during volatile markets

Barely a decade old, registered index-linked annuities have quickly surged in popularity, thanks to their unique blend of protection and growth potential—an appealing option for investors looking to chart a steadier course through today's choppy market waters, says Myles Lambert, Brighthouse Financial.