There is a new online threat which is targeting your online banking activity — hackers are attempting to hijack transactions and pocket the money themselves. IBM’s security division has identified this new malware, codenamed Dyre Wolf.
As it is with other malware, the Dyre Wolf phishing scam first needs to infect a computer before it can steal any information from you. It is spread via several different methods of delivery, but email is most common. Once installed on a machine, the malware lies in waiting for a bank transfer to take place. An error message will be displayed if and when a bank transfer is initiated and will display a phone number to call in order to initiate a manual transfer.
When the victim calls the onscreen number a thief picks up the phone on behalf of their corresponding banking institution. Through social engineering the thief extracts information from the victim required for them to initiate their own bank transfers from within the victim’s account. As soon as the call ends, the money has been transferred – just not to the right account. To top things off, a DDoS attack is then launched on the victim’s computer in order to misdirect their attention on the real issue at hand.
The biggest issue with Dyre Wolf now is that few anti-virus solutions can actually detect it, and it’s up to users to identify and deflect the social engineering that allows this phishing scam to work.
Click here to read more.