Avoiding Malware Attacks

Episode ID S2E09
September 22, 2021

Malware, malicious software that installed on a victim’s computer without their knowledge, can take several forms including ransomware and crimeware, session hijacking, and key logging. Learn the different ways to identify these types of cyberattacks and how to avoid being a victim.  

Transcript

Hello. This is CoBank’s Fraud Wise helping you avoid becoming a victim of fraud. I am Jamie Fiedor, Senior Financial Crimes Specialist, and in this episode, we will be talking about malware, or malicious software, that’s installed on a victim’s computer without their knowledge and with the intent of doing them harm.  These attacks take several forms, including ransomware and crimeware … session hijacking … and key logging, which can lead to identity theft. 

Once we describe how these attacks work, we’ll talk a little about what you can do to avoid being a victim.    So … let’s talk about these types of cyberattacks.

As its name implies, in a ransomware attack, the malware encrypts the victim’s computer and holds the contents hostage until the victim pays a ransom through an electronic payment system.  The encrypted files could be specific customer reports or could be an entire file system.  And until the victim pays up, they won’t be able to access the files, potentially bringing their business to a standstill.  Crimeware is a broader type of attack, and includes malware installed on a victim’s computer to facilitate any criminal activity, like scams and data theft.

In a session hijacking, or man-in-the-browser attack, malware allows the fraudster to view the victim’s computer screen. Usually, the criminal is most interested when the victim is logged into an online banking system.  The criminal can then hijack the banking session while displaying a fake screen to the victim.  This fake screen can be as simple as saying “online banking is experiencing a problem,” and asking users to contact a fraudulent phone number, which gives the criminal the chance to ask for personal information. 

In a more sophisticated approach, the fake screen can actually mimic the online banking system, and while the victim continues to work on what they think is the legitimate banking system, the fraudster can access the accounts behind the scenes. 

In a key logger attack, the malware captures the victim’s password as its being entered.  With the password, or even passwords, in hand, the criminal is free to log in as the victim either during a hijacked session or later, at their convenience.

Drained bank accounts, business interruptions and ransom payments are significant business and financial risks with short-term and long-term implications.  So let’s talk about how to avoid a malware attack in the first place.

Avoiding malware attacks most often comes down to email vigilance.  This is because malware is most often installed through links or attachments contained in unsolicited emails.  These emails often look like they came from someone familiar or official, and so the recipient opens the link or attachment, launching the secret malware installation.

Using care in opening links or attachments is critical to avoiding malware attacks.  Email filters and email quarantines at the organizational level can go far in this effort.  Equally important is training employees to look for red flags in any unsolicited emails they receive, and not to open links or attachments they aren’t certain are safe.

Malware downloads can also happen when visiting a malicious or vulnerable website or social media site, or by clicking on a deceptive pop-up window.  Discourage your employees from using their business computers for personal social media or internet surfing activities.

Safeguarding your computers is also important.  Install virus protection software and run virus scans regularly to catch malware that’s gotten through your other defenses.  And when you run a virus scan, make sure that it’s comprehensive and searches every file on your system, which can typically take a long time to complete.

To protect against a ransomware attack, back up your files every day.  This way, if your system does get locked, you can restore your data and keep operating.  Train your employees that if they’re accessing your online banking system and it’s suddenly slow or they experience anything else unusual, they should log off and run a comprehensive virus scan to see if the computer has become infected.

Finally, we recommend that you limit the number of devices you use to generate online transactions, and for your online banking activities, use a designated computer that doesn’t have email or browser access.

This has been CoBank’s Fraud Wise. Helping YOU avoid becoming a victim of fraud. For more information about these and other types of fraud, visit cobank.com slash security.