We have identified unauthorized access to multiple online accounts, in clear violation of normal banking policy. This is what happened…
A group of clients handed their login credentials to a company that requested access to their accounts in order to perform credit or similar checks on them. The access itself was carried out by automated means by a second company, the attacker, which provides automated credit checks as a service for various business purposes, such as risk assessment and credit checks.
What’s new in this case is that the attack was delivered as a service: the attacking company performed it on behalf of another company. We have seen similar attacks before, in which the attacking company used its own “system of robots” to siphon information from the client’s account.
“We expect more of this kind of attack as means such as automated APIs are now available for attackers to use. This will lead to more significant impacts. It may start with a credit check and end with ‘client takeover’ by predator competitors,” says Jan Guzanič, VP at ThreatMark.
Banks protected by ThreatMark are regularly informed about this and similar attacks. We are about protecting your clients’ access, as well as protecting your digital business from emerging new threats.
Sleep well, we are watching.