BDDK Regulation – Compliance Made Easy With ThreatMark

The Turkish banking regulator announced a new regulation with one audacious goal: to create a robust protection measure to prevent fraud in the online world with a strong accent on innovation in the area of unauthorized and fraudulent transactions. Similarities with PSD2 Legislation A new regulation published by Banking Regulation And Supervision Agency (BDDK) is […]

StrandHogg Opens Doors to Financial Fraud, Circumventing Android’s Security Measures

Another powerful weapon lays in the hands of fraudsters. A dangerous Android vulnerability dubbed StrandHogg allows a malicious application to pose as a legitimate one for malicious purposes. Unlike a legitimate application, however, the sole goal of the StrandHogg malware is to wreak havoc by stealing credentials, recording phone calls or stealing the personal data […]

Defending Mobile Banking Application Against Android Accessibility Abuse

Since 2017, the security community started to register a new type of attack emerging from standard overlays. In this attack vector, the malicious application utilizes old-fashioned clickjacking, to gain even more powerful permission – AccessibilityService API. This attack is still valid and widely used. This attack is nicknamed “Cloak & Dagger” and can be used […]

9 Highly Effective Methods that Innovative Companies Use IT Software

Cybersecurity is serious. Whether you own a web-based infrastructure, online account, or a website, you can be a victim of a cyberattack. Even banking applications you have installed on your devices can be a ticking bomb if unprotected. People nowadays take advantage of the Internet to promote and sell products in different ways, reach their […]

Future of Online Payments: Secure and Without Friction

Rapid innovation in digital technologies creates endless possibilities for ways to pay. Consumers are adopting new behaviors and expect nothing smaller than comfort and security. Balance these two seemingly contradictive things might seems challenging. Recently published paper from Forrester Consulting shows, that these two worlds can be without any doubt interconnected.

Google Bug that Makes Your Bank More Vulnerable to Phishing

Open Redirect is one of the most overlooked vulnerabilities with potentially devastating consequences. The simple flaw allows a fraudster to redirect the user to a phishing website without raising any suspicion by masking the URL as a legitimate one. Since ThreatMark deals with this issue often, let’s dig deeper and find out how this vulnerability […]

7 Tips How to Recognize Phishing E-mail Pretending to be from Your Bank

Recently our internet probes detected  several massive phishing campaigns aiming at banks mostly located in Europe. All of them are fitting the same patterns and an educated user could easily spot them. Since phishing campaigns could lead to identity theft, financial loss, and data compromising, let’s look at these 7 tips that help you recognize how to spot these phishing e-mails. But […]

BackSwap Banking Malware Analysis

1.   Management summary Backswap is financial banking malware whose activity has been discovered in 2018. Throughout the year, several campaigns have emerged in Poland, Spain, Czech Republic and other European countries. The malware’s modus operandi significantly differs from what we have observed so far among banking trojans, successfully evading detection of many “third party” security solutions tailored for […]