Application Security August 17, 2023

Gozi strikes again, targeting banks, cryptocurrency and more

3 min read - In the world of cybercrime, malware plays a prominent role. One such malware, Gozi, emerged in 2006 as Gozi CRM, also known as CRM or Papras. Initially offered as a crime-as-a-service (CaaS) platform called 76Service, Gozi quickly gained notoriety for…

Intelligence & Analytics July 28, 2023

The rise of malicious Chrome extensions targeting Latin America

9 min read - This post was made possible through the research contributions provided by Amir Gendler and Michael  Gal. In its latest research, IBM Security Lab has observed a noticeable increase in campaigns related to malicious Chrome extensions, targeting  Latin America with a…

Banking & Finance July 3, 2023

How fraudsters redefine mobile banking account takeovers

3 min read - Fraudsters are constantly finding new ways to exploit vulnerabilities in the banking system, and one of the latest tactics involves stealing credit card information via mobile banking apps. This type of attack has been seen in different variations in Spain…

Mobile Security January 10, 2023

A view into Web(View) attacks in Android

9 min read - James Kilner contributed to the technical editing of this blog. Nethanella Messer, Segev Fogel, Or Ben Nun and Liran Tiebloom contributed to the blog. Although in the PC realm it is common to see financial malware used in web attacks…

Banking & Finance July 1, 2021

Confessions of a famous fraudster: How and why social engineering scams work

6 min read - In a world in which bad news dominates, social engineering scams that carry a promise of good news can be incredibly lucrative for cyber criminals. In one recent example, fraudsters set up a phony job posting using a real recruiter…

Malware June 23, 2021

Ursnif Leverages Cerberus to Automate Fraudulent Bank Transfers in Italy

9 min read - Contributed to this research: Segev Fogel, Amir Gendler and Nethanella Messer. IBM Trusteer researchers continually monitor the evolution and attack tactics in the banking sector. In a recent analysis, our team found that an Ursnif (aka Gozi) banking Trojan variant…

Banking & Finance December 15, 2020

IBM Trusteer Exposes Massive Fraud Operation Facilitated by Evil Mobile Emulator Farms

7 min read - IBM Security Trusteer’s mobile security research team has recently discovered a major mobile banking fraud operation that managed to steal millions of dollars from financial institutions in Europe and the US within a matter of days in each attack before…

Application Security June 18, 2020

Ginp Malware Operations are on the Rise, Aiming to Expand in Turkey

5 min read - The Ginp mobile banking malware, which emerged in late 2019, is one of the top most prevalent Android banking malware families today. It started as a SMS stealer and rapidly evolved into one of the most advanced actors in the…

Fraud Protection March 17, 2020

2020 Tax Fraud Trends: How to Protect Yourself at Home and Work

8 min read - Scammers view tax season as a prime recruiting season for victims. Here are the most prominent tax fraud trends in 2020 and how to protect your identity and business from risks.

Banking & Finance September 12, 2019

How Will Strong Customer Authentication Impact the Security of Electronic Payments?

3 min read - The EU's updated Payment Services Directive, PSD2, will introduce a new technical standard that regulates strong customer authentication (SCA).