Rapid innovation in digital technologies creates endless possibilities for ways to pay. Consumers are adopting new behaviors and expect nothing smaller than comfort and security. Balance these two seemingly contradictive things might seems challenging. Recently published paper from Forrester Consulting shows, that these two worlds can be without any doubt interconnected.
Open Redirect is one of the most overlooked vulnerabilities with potentially devastating consequences. The simple flaw allows a fraudster to redirect the user to a phishing website without raising any suspicion by masking the URL as a legitimate one. Since ThreatMark deals with this issue often, let’s dig deeper and find out how this vulnerability […]
Recently our internet probes detected several massive phishing campaigns aiming at banks mostly located in Europe. All of them are fitting the same patterns and an educated user could easily spot them. Since phishing campaigns could lead to identity theft, financial loss, and data compromising, let’s look at these 7 tips that help you recognize how to spot these phishing e-mails. But […]
1. Management summary Backswap is financial banking malware whose activity has been discovered in 2018. Throughout the year, several campaigns have emerged in Poland, Spain, Czech Republic and other European countries. The malware’s modus operandi significantly differs from what we have observed so far among banking trojans, successfully evading detection of many “third party” security solutions tailored for […]
ThreatMark AFS (Anti Fraud Suite) is a system that delivers real-time insights on the user behavior and risk associated with every user action within digital banking or similar applications. Similarly to other enterprise systems, AFS uses several open source components. The usage of such components naturally brings challenges around its deployment, maintenance, and performance. Redis […]
Despite the fact, that Google Play is trying to protect their customers against threats and malicious applications, during the past few months we have witnessed several incidents caused by compromised mobile applications circulation. The malware called ExpensiveWall was hidden in about 50 applications in Play Store and had been downloaded a few million times before […]
Cash-out is one of the final stages of fraudulent attacks. Traditionally attackers used money mules to perform the dirty job of going into a bank to cash-out money that came from previously made fraudulent transactions. Cybercriminals even use tools to automatize recruiting and other money mule cash-out related processes.
We have identified unauthorized access to multiple on-line accounts, clearly against normal banking policy. This is what happened…
What weapons digital payment cyberfraudsters have prepared for 2016 and won’t hesistate to use. How to prepare your battleground to have a good sleep….
The world is changing fast, the digital economy is growing and the number of digital payments is increasing. We at ThreatMark successfully managed to solve many fraudulent cyber attacks in 2015. We also found unweaponized / piloted threats that will emerge in large scale in 2016 against selected organisations and their clients. We bring […]