Money transfer industry riddled with serious security flaws

Lack of security could allow cyber-crooks to obtain users’ bank details and empty their accounts

An assessment of over 300 businesses that send money abroad, commissioned by Panda Security, the global IT security vendor, has revealed that 30% of the PCs used for bank transfers had an outdated antivirus and 60% were infected with malware. These computers are inadequately protected and often used for other purposes (like instant messaging and downloads), and Panda has expressed concern that their lack of security could allow criminals to intercept authorised remittances using the following tactics:

  • A Trojan/keylogger capable of capturing screen information such as account numbers, banking credentials, PIN codes, etc. can be installed on the target computer. This would be facilitated by the high-risk behaviour of the people who operate the terminals and by poor security standards, such as trial antivirus software and infrequent system maintenance.
  • A targeted phishing attack (pretending to come from one of the most popular money transfer entities) or infection with malicious code that leads users to fraudulent websites. Any banking data entered on these pages would end up in the criminals’ hands.

As a result of these attacks, banking details of money senders could be intercepted by cyber-crooks who would then have open access to the victims’ accounts.

“Despite being unsafe, these computers are very frequently used to conduct bank transactions. The risk is enormous as we are talking about very sensitive information being stored on infected, vulnerable computers,” says Jeremy Matthews, head of Panda’s sub-Saharan operations. “This combination of lack of maintenance, low security consciousness and risky end-user behaviour results in highly vulnerable systems that are very easy for cyber-criminals to infiltrate.”

“This is an extremely serious issue,” says Matthews, “especially when you bear in mind that according to the World Bank’s latest data, almost $11 billion of remittances were sent to sub-Saharan Africa last year from economic migrants around the world.”

Preventing and protecting

For all businesses engaged in money transfer services, Matthews recommends having an up-to-date anti-malware suite. “You must also make yourself aware of the security practices put into place before conducting your business,” he says. “We suggest using banks accredited by the relevant authorities because they have higher security standards than most multi-service businesses.”

Cybercrime surge grabs attention at Davos

Cybercrime is in the news. The BBC reports on a panel discussion at the World Economic Forum in Davos where experts warned that the scourge was “rising sharply”. The article says:

Online theft costs $1 trillion a year, the number of attacks is rising sharply and too many people do not know how to protect themselves, they [the panel] said.

The internet was vulnerable, they said, but as it was now part of society’s central nervous system, attacks could threaten whole economies.

The past year had seen “more vulnerabilities, more cybercrime, more malicious software than ever before”, more than had been seen in the past five years combined, one of the experts reported.

The findings of the panel reflect Panda Security’s own observations: more malware was detected within the last year than within the past 17 years combined!

Read the rest of the article here.

European media acclaims Panda Security 2009 consumer products

European magazines PC Today and Byte have awarded their Recommended Product seals to Panda Internet Security 2009 and Panda Global Protection 2009 respectively

Similarly, TCN magazine has awarded five stars to Panda Global Protection 2009

All three publications underline the enormous malware detection capacity of the products thanks to in-the-cloud detection

European IT publications PC Today and Byte have awarded their Recommended Product seals to Panda Internet Security 2009 and Panda Global Protection 2009 respectively. Panda Global Protection 2009 has also been awarded five stars in an analysis carried out by TCN magazine. All three magazines highlighted the enormous malware detection capacity achieved thanks to collective intelligence – Panda’s unique model of security “from the cloud”.

PC Today, one of Spain’s leading IT magazines, published a comparative review of 12 security suites which included Kaspersky Internet Security 2009, McAfee Internet Security 2009, Norton Internet Security 2009 and AVG Internet Security 8.0. Panda Internet Security 2009 was awarded the magazine’s Recommended Product seal of approval, as it was the most effective in detecting new malware.

“Not only does it include a series of extra functions, such as system optimization utilities, a tool for making backup files and control over unauthorized WIFI connections, but the Panda Internet Security Suite scan engine itself is truly powerful,” enthused the magazine, adding: “Its malware detection levels rated really high against all the malware families tested”.

The protection from the cloud, included in all Panda Security 2009 products, was also praised by Byte which awarded its recommended product seal to Panda Global Protection 2009.

“With more malware in circulation at all levels, protection systems must evolve and become more complex to face up to the new threats. Panda’s proposal to improve protection and reduce resource consumption in PCs is based on an improved TruPrevent system, and the use of Collective Intelligence over the Internet”, explains the magazine, adding:  “This approach [Collective Intelligence] offers the advantage that it consumes less resources on each computer. The use of Collective Intelligence to detect spam allows a significant improvement with respect both to the junk mail detected and false positives.”

Byte also drew attention to the simplicity of installing and handling Panda Security products: “The 2009 product line offers a new interface which is simpler, clearer and more direct for controlling the product and adjusting settings with just a single click. There is no complex navigation through complicated levels to reach the options you want”.

TCN magazine also underlined the tremendous detection capacity of the Panda Security products: “The anti-malware engine detects and eliminates all types of viruses, worms, Trojans, rootkits, bots, etc. The product also monitors instant messaging application traffic, and protects wireless networks thanks to its ‘WiFi monitor’. Panda Global Protection 2009 stands out for the efficiency of its antivirus engine, designed to block and control Internet-borne attacks”.


Only 8.4% of email reaching companies is legitimate

Only 8.4% of emails that reach companies are legitimate. Some 89.88% of messages are spam, while 1.11% are infected with malware. This data has been compiled after the analysis of 430 million email messages last year by TrustLayer Mail, the clean mail managed service from Panda Security, the global IT security vendor.

Only January witnessed levels of spam below 80%. During the rest of the year, the amount of spam fluctuated, peaking in the second quarter at 94.27%.

“With respect to infected messages, the Netsky.P worm was the most frequently detected malicious code,” says Jeremy Matthews, head of Panda’s sub-Saharan operations. “This type of malware activates automatically when users view the infected message through the Microsoft Outlook preview pane. It does this by exploiting a vulnerability in Internet Explorer that allows automatic execution of email attachments.”

“The fact that these two malicious codes often act in unison explains the high number of detections of both,” said Matthews. “Cyber crooks often launch several strains of malware with each exploit to increase the chances of infection, so even if users whose systems are up-to-date are immune to the exploit, they could still fall victim to infection by the worm if they run the attachment.”

The Rukap.G backdoor Trojan, designed to allow attackers to take control of a computer, and the Dadobra.Bl Trojan were also among the most prevalent malicious code.

“For companies, spam is more than just a nuisance: It consumes bandwidth, wastes employees’ time and can even cause system malfunctions. In the end, it all results in a loss of productivity,” concluded Matthews.

Much of this spam was circulated by the extensive network of zombie computers controlled by cyber-crooks. A zombie is a computer infected by a bot, a type of malware allowing cyber criminals to control infected systems. Frequently, these computers are used as a network to drive malicious actions such as the sending of spam. Just in the last three months of the year, 301,000 zombie computers were being put into action every day.

The subject of spam

With respect to the different types of spam in circulation, 32.25% of spam in 2008 was related to pharmaceutical products, with sexual performance enhancers accounting for 20.5%.

Spam relating to the economic situation also grew significantly throughout 2008. False job offers and fraudulent diplomas accounted for 2.75% of all junk mail in the year, while messages promoting mortgages and fake loans were responsible for 4.75%.

Spam promoting fake brand products was responsible for 16.75% of the total. This last category, nevertheless, dropped from 21% in the first half of the year to 12.5% in the last six months.

“Hackers steal 4.5m users’ info” – News24

According to an AFP article on News24.com today, hackers stole millions of users’ confidential information from an international recruitment agency:

Hackers have stolen the personal details of some of the millions of online job seekers, a recruitment company confirmed on Tuesday, in one of the biggest cases of data theft in Britain.

Global online recruitment company Monster said hackers had taken confidential information from its database including telephone numbers, email addresses, user names, passwords and some basic demographic data.

Users around the world have been affected, including the 4.5 million reportedly registered with monster.co.uk, the British arm of the US-based giant.

The hacking comes after the details of 25 million child benefit recipients went missing in 2007, in the largest data loss in Britain.

This highlights the importance of identity protection, best practice and innovative technology to keep hackers OUT. With so much important data being kept on databases, this has become a prerequisite for both companies and home PC users.

Read the rest of the article here.

VIEWPOINT: Social networking, passwords and privacy

By Luis Corrons, Director of PandaLabs

We have been warning for a long time about the issue of adding our personal information to any social network. I use them myself (Facebook, LinkedIn, etc.) and I’m surprised at the amount of personal information that my contacts have there, even more surprised when more than 90% of my contacts work in security-related companies - yes, that means that my social life sucks, I know 😉

Social networks are also a good communication tool; just a few days ago we could see how the Queenstown police arrested a man thanks to Facebook. But things are not black or white, and when mankind is involved you can also see the dark side. In September 2008 we could see some news reports about terrorists using Facebook to kidnap Israeli soldiers.

But we don’t need to go that far. There is another major issue: people are lazy. We don’t want to have complex passwords that we can’t remember, nor to have a different password for each application, so people just choose an easy-to-remember password or create passwords consisting of some of their own personal information, using their birthday, wife’s/husband’s name, hometown, etc. Last week 4 people were arrested for blackmailing Spanish singer David Bisbal. Basically they had got into his mail account and used the information stored there. The head of the gang, a psychologist, was able to figure out his password after studying all the personal information about the singer that can be obtained from the Internet.

We do not usually have that kind of information about ourselves available for our friends, but we have it on Facebook and similar networks. It is only visible to our friends (we should redefine the word “friend” in a social network environment, but I won’t talk about it here). I have not tried (and won’t) to figure out my friends’ passwords, but I could do it and I’m sure it would work in many cases. And what happens if one of our friends’ accounts gets hacked is that whoever it is will have access to all his friends’ info… scary at least.

So please, just follow some basic recommendations:

• Use common sense.
• Restrict viewing of your details to trusted persons.
• Don’t publish your full birth date.
• Don’t reveal your e-mail, phone number or postal address.
• Ignore unsolicited requests for friendship or group membership from unknown people.
• Use different passwords, and change them periodically.

Finally, you can take a look at this list of the Top 500 worst passwords of all time, taken from the book Perfect Password (Mark Burnett, 2005). I miss some passwords in this list, such as “guest”, “admin” or “backup”, but it is useful so that you can know which ones you shouldn’t choose.