Banking Trojans, malicious programs, phishing and other forms of internet-borne malice are ever-evolving risks that keep escalating in numbers and sophistication.

That said, most threats still need user interaction to get onto a PC or mobile endpoint. This is where anyone can take some extra precautions to safeguard against the latest cybercrime schemes.


Mitigating Malware for PC Users

Most cases of PC malware infections begin with spam email that tricks victims into navigating to a spoofed URL or opening a malicious attachment. If you are not expecting a document, such as an invoice, package tracking link or fax, your best bet is to immediately delete the unsolicited message and alert your IT department as well as your bank or other service provider.

Those who frequently conduct online banking away from home should never access personal accounts from public computers. Online banking should be carried out from trusted or secured Wi-Fi networks, over a secured VPN connection and through devices protected by security solutions.

Email Awareness

Stay away from unsolicited email. Seriously. No matter how tempting a subject, if you did not solicit it, did not make a purchase and were not expecting an invoice or package, report it as spam to your IT department. Then send it to the abuse mailbox of the applicable service provider and delete it from both your inbox and the trash folder.

Be especially wary of attachments and examine them for their true extension type. Most malware is actually an executable, like an .exe file; a container file, like .zip or .rar; or an Office spreadsheet or document with macros that, in some cases, run automatically. Don’t let that happen.
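One way to automate the check described above, as an added example that is not part of the original article: it reads a file's leading bytes instead of trusting its name, flags double extensions and looks inside Office containers for a VBA macro part. The extension sets, finding labels and sample bytes are assumptions constructed for illustration.

```python
import io
import zipfile

# Leading "magic" bytes of the attachment types named above.
MAGIC = {
    b"MZ": "executable",                          # Windows PE: .exe, .scr, .dll
    b"PK\x03\x04": "zip",                         # .zip and modern Office files
    b"Rar!\x1a\x07": "rar",                       # .rar archive
    b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1": "ole2",  # legacy .doc/.xls container
}
EXEC_EXT = {"exe", "scr", "com", "dll"}            # illustrative, not exhaustive
DOC_EXT = {"pdf", "doc", "docx", "xls", "xlsx", "txt", "jpg", "png"}

def true_type(data):
    """Classify content by its leading bytes, ignoring the file name."""
    for magic, kind in MAGIC.items():
        if data.startswith(magic):
            return kind
    return "unknown"

def has_vba_project(data):
    """Modern Office files are zip containers; VBA macros live in vbaProject.bin."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return any(n.lower().endswith("vbaproject.bin") for n in zf.namelist())
    except zipfile.BadZipFile:
        return False

def inspect_attachment(filename, data):
    """Return a list of reasons to quarantine the attachment (empty if none)."""
    parts = filename.lower().split(".")
    ext = parts[-1] if len(parts) > 1 else ""
    kind = true_type(data)
    findings = []
    # "tracking.pdf.exe": a document-looking name that ends in another extension.
    if len(parts) > 2 and parts[-2] in DOC_EXT and ext not in DOC_EXT:
        findings.append("double-extension")
    if kind == "executable":
        findings.append("executable-content")
        if ext not in EXEC_EXT:
            findings.append("extension-mismatch")
    elif kind == "zip" and has_vba_project(data):
        findings.append("macro-enabled-document")
    return findings

def make_macro_doc():
    """Constructed sample: a zip laid out like an Office file with a VBA part."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/vbaProject.bin", b"constructed placeholder")
    return buf.getvalue()
```

An empty result means only that none of these specific checks fired, not that the file is safe to open.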

Email is not a bulletproof communication method. In fact, it’s the favored method by which phishers, spammers and other cybercriminals spread their malicious schemes. These bad actors are determined to come up with a way to make you open and click, so don’t take the bait.

More Computing Hygiene Tips

Some additional computing hygiene tips can go a long way toward helping users protect themselves from run-of-the-mill malware:

  • Don’t unsubscribe from spam. Instead, mark it as spam or junk and keep your email address private. Spam botnet operators look for unsubscribers to reply so they can verify that the address is active.
  • Always update your operating system as soon as new updates and patches are available. Set your endpoint to update automatically.
  • Delete software you no longer use. Duly update all programs you do use.
  • Disable online ads on the PC you use for banking and payments. Unfortunately, cybercriminals often compromise and repurpose ads for the covert delivery of malware. Known as malvertising, this is one of the most popular methods for malware looking to leverage exploit kits and infect new victims.
  • Ignore free offers. There are no free meals on the internet. Whether it’s a free game, free software or free adult content, you’re likely giving out something without knowing it. Free stuff in the digital realm can easily contain a backdoor to your endpoint, make you part of a botnet, and push adware, spyware, ransomware and banking Trojans to your endpoint.
  • If you are using personal email at work, never open attachments on your work endpoint. Refrain from sending sensitive work data to and from that personal email box.

Mitigating Malware for Mobile and Smartphone Users

The average person looks at his or her phone 46 times every day, according to Time. As for banking with our phones, Payment Week reported that 38 percent of consumers interact with a bank primarily via a mobile device, and 63 percent use phones to carry out standard banking tasks. That means mobile banking is being used more than ever before.

With users migrating their everyday banking to mobile devices, cybercriminals are taking advantage of the increased opportunities to dupe them into opening malicious messages and emails, clicking on evil links or downloading innocuous-looking apps from dubious sources. Users can foil most of these attacks by keeping in mind some familiar tips for mitigating malware:

  • Email spam and unsolicited messages pose the same threat to mobile device users as PC users. Mobile devices are especially vulnerable to phishing attacks and identity theft schemes.
  • Treat unsolicited SMS messages and emails as spam and never open them. Never follow links, open attachments or heed instructions contained in these messages.
  • Criminals like using stressful ploys, such as sending text messages to users claiming their bank or credit card account has been disabled. Don’t take the bait. Call the number provided in the SMS, the number on the back of your credit card or dial the bank directly using a number you know to be genuine.
  • Update your phone’s operating system as soon as a new update is available.
  • Delete apps you no longer use and always update those you do.
  • Enable a screen-lock password for your device.
  • Don’t enable sideloading on your device.
  • Don’t root or jailbreak your device.
  • Don’t download apps from unofficial app stores.
  • Get links to banking and payment apps directly from the service provider’s website.
  • Don’t grant applications admin permissions. If an app requires that sort of control, it is likely something you do not want on your device.
  • Malicious apps often ask for your location and access to SMS, calls and services that cost money. If you downloaded a legitimate app that needs all the above, make sure it actually uses this access for the services it offers.
  • Be vigilant for any odd behavior the device may exhibit. A mobile malware app can lock the device for a ransom or to keep users out while it conducts fraudulent activity. If your device is suddenly inaccessible, check for ransomware and then check your bank account.
