Banking Trojans, malicious programs, phishing and other forms of internet-borne malice are ever-evolving risks that keep escalating in numbers and sophistication.

Even so, most threats still need user interaction to get onto a PC or mobile endpoint. This is where anyone can apply some extra precautions to safeguard against the latest cybercrime schemes.


Mitigating Malware for PC Users

Most cases of PC malware infections begin with spam email that tricks victims into navigating to a spoofed URL or opening a malicious attachment. If you are not expecting a document, such as an invoice, package tracking link or fax, your best bet is to immediately delete the unsolicited message and alert your IT department as well as your bank or other service provider.

Those who frequently conduct online banking away from home should never access personal accounts from public computers. Online banking should be carried out from trusted or secured Wi-Fi networks, over a secured VPN connection and through devices protected by security solutions.

Email Awareness

Stay away from unsolicited email. Seriously. No matter how tempting a subject, if you did not solicit it, did not make a purchase and were not expecting an invoice or package, report it as spam to your IT department. Then send it to the abuse mailbox of the applicable service provider and delete it from both your inbox and the trash folder.

Be especially wary of attachments and examine them for their true extension type. Most malware is actually an executable, like an .exe file; a container file, like .zip or .rar; or an Office spreadsheet or document with macros that, in some cases, run automatically. Don’t let that happen.
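The check described above, as an added example that is not part of the original article: it compares each attachment's file name with its leading bytes to flag executables, containers and macro-bearing Office files. The extension sets, finding labels and sample message are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

RISKY_EXT = {"exe", "scr", "com", "js", "vbs", "zip", "rar"}     # executables, containers
DECOY_EXT = {"pdf", "doc", "docx", "xls", "xlsx", "txt", "jpg"}  # what lures pretend to be

def classify(filename, data):
    """Return findings for one attachment, from its name and its leading bytes."""
    findings = []
    parts = filename.lower().rstrip(". ").split(".")
    ext = parts[-1] if len(parts) > 1 else ""
    if len(parts) > 2 and ext in RISKY_EXT and parts[-2] in DECOY_EXT:
        findings.append("double-extension")          # e.g. name.pdf.exe
    if data[:2] == b"MZ":                            # Windows executable header
        findings.append("executable-content")
        if ext in DECOY_EXT:
            findings.append("extension-mismatch")
    elif data[:4] == b"Rar!":
        findings.append("rar-container")
    elif data[:4] == b"PK\x03\x04":                  # ZIP; modern Office files are ZIPs too
        try:
            names = zipfile.ZipFile(io.BytesIO(data)).namelist()
        except zipfile.BadZipFile:
            names = []
        if any(n.lower().endswith("vbaproject.bin") for n in names):
            findings.append("office-macros")         # VBA project stored inside the document
        elif ext == "zip":
            findings.append("zip-container")
    return findings

def scan_message(raw):
    """Map each attachment file name in a raw email message to its findings."""
    msg = message_from_bytes(raw, policy=policy.default)
    return {p.get_filename(): classify(p.get_filename(), p.get_payload(decode=True))
            for p in msg.iter_attachments()}

def build_sample():
    """Constructed sample: a fake invoice email with two deceptive attachments."""
    msg = EmailMessage()
    msg.set_content("Please see the attached invoice.")
    kw = dict(maintype="application", subtype="octet-stream")
    msg.add_attachment(b"MZ" + b"\x00" * 62, filename="invoice.pdf.exe", **kw)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("word/vbaProject.bin", b"constructed placeholder")
    msg.add_attachment(buf.getvalue(), filename="report.docm", **kw)
    return msg.as_bytes()
```

Calling `scan_message(build_sample())` returns the findings per attachment; an empty list means none of these checks fired, not that the file is safe.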

Email is not a bulletproof communication method. In fact, it’s the favored method by which phishers, spammers and other cybercriminals spread their malicious schemes. These bad actors are determined to come up with a way to make you open and click, so don’t take the bait.

More Computing Hygiene Tips

Some additional computing hygiene tips can go a long way toward helping users protect themselves from run-of-the-mill malware:

  • Don’t unsubscribe from spam. Instead, mark it as spam or junk and keep your email address private. Spam botnet operators look for unsubscribers to reply so they can verify that the address is active.
  • Always update your operating system as soon as new updates and patches are available. Set your endpoint to update automatically.
  • Delete software you no longer use. Duly update all programs you do use.
  • Disable online ads on the PC you use for banking and payments. Unfortunately, cybercriminals often compromise and repurpose ads for the covert delivery of malware. Known as malvertising, this is one of the most popular methods for malware looking to leverage exploit kits and infect new victims.
  • Ignore free offers. There are no free meals on the internet. Whether it’s a free game, free software or free adult content, you’re likely giving out something without knowing it. Free stuff in the digital realm can easily contain a backdoor to your endpoint, make you part of a botnet, and push adware, spyware, ransomware and banking Trojans to your endpoint.
  • If you are using personal email at work, never open attachments on your work endpoint. Refrain from sending sensitive work data to and from that personal email box.

Mitigating Malware for Mobile and Smartphone Users

The average person looks at his or her phone 46 times every day, according to Time. As for banking with our phones, Payment Week reported that 38 percent of consumers interact with a bank primarily via a mobile device, and 63 percent use phones to carry out standard banking tasks. That means mobile banking is being used more than ever before.

With users migrating their everyday banking to mobile devices, cybercriminals are taking advantage of the increased opportunities to dupe them into opening malicious messages and emails, clicking on evil links or downloading innocuous-looking apps from dubious sources. Users can foil most of these attacks by keeping in mind some familiar tips for mitigating malware:

  • Email spam and unsolicited messages pose the same threat to mobile device users as PC users. Mobile devices are especially vulnerable to phishing attacks and identity theft schemes.
  • Treat unsolicited SMS messages and emails as spam and never open them. Never follow links, open attachments or heed instructions contained in these messages.
  • Criminals like using stressful ploys, such as sending text messages to users claiming their bank or credit card account has been disabled. Don’t take the bait. Rather than calling the number provided in the SMS, call the number on the back of your credit card or dial the bank directly using a number you know to be genuine.
  • Update your phone’s operating system as soon as a new update is available.
  • Delete apps you no longer use and always update those you do.
  • Enable a screen-lock password for your device.
  • Don’t enable sideloading on your device.
  • Don’t root or jailbreak your device.
  • Don’t download apps from unofficial app stores.
  • Get links to banking and payment apps directly from the service provider’s website.
  • Don’t grant applications admin permissions. If an app requires that sort of control, it is likely something you do not want on your device.
  • Malicious apps often ask for your location and access to SMS, calls and services that cost money. If you downloaded a legitimate app that needs all the above, make sure it actually uses this access for the services it offers.
  • Be vigilant for any odd behavior the device may exhibit. A mobile malware app can lock the device for a ransom or to keep users out while it conducts fraudulent activity. If your device is suddenly inaccessible, check for ransomware and then check your bank account.
