Effects of Banking Trojans on SMBs

Panda Security has released a new report, finding that while a majority of respondents are concerned about online banking fraud and identity theft in their organizations, they don’t understand how best to protect their businesses. In addition, they have a false sense of security in terms of their expectations around bank reimbursement in the unfortunate event they fall victim to fraud.

Key Findings:

  • Small businesses continued to be a prime target for cybercriminals in 2009.
  • 66% of the 25 million malware samples collected by PandaLabs in 2009 were banker Trojans.
  • 49% of respondents use online banking to make and receive payments online.
  • 52% of respondents had little or no familiarity with banking Trojans, despite increased attacks in 2009.
  • 11% of SMBs said they have or may have been affected by online fraud or identity theft.
  • 86% of online fraud or identity theft incidents were reported to authorities.
  • 15% of SMBs either are unsure of the status of, or do not have updated security software on all systems where online transactions are conducted in their organizations.

The Annual Report clearly demonstrates that users who are most vulnerable to banking Trojans are those who frequently conduct online banking, with small to medium-sized businesses being at particularly high risk. These organizations, ranging in size from one to 500 employees, are attractive targets because they are less aware of the myriad threats that exist and underprepared to protect themselves owing to more limited budgets and internal resources. Moreover, SMB accounts are particularly attractive to criminals because they have higher account balances than consumer accounts, yet lack the protections of larger enterprises.

There were several instances in 2009 that demonstrated just how vulnerable SMBs are. In September 2009, approximately $439,000 was stolen from German bank accounts with the aid of a sophisticated banking Trojan called URLZone. The attackers stole banking credentials from the URLZone-infected systems, and then initiated money transfers through the victims’ computer systems by using the stolen credentials.

More recently, hackers were able to infiltrate and steal $150,000 from a small insurance company in Michigan. Using the widely popular Zeus Crimeware Kit, attackers hacked into the controller’s computer and initiated money transfers until the company’s bank account was depleted. These are just two recent examples out of countless attacks that happen annually.

Panda Report