Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .



business technology 2

Cybercriminals are always on the hunt for user credentials (user name and password). If you have someone’s credentials, you can log into their systems, access valuable data, and perform fraudulent transactions on their behalf.

Credentials are typically extracted by cybercriminals in one of three ways:

The first method uses key-logging malware that captures user keystrokes during login and sends the information to the attacker. There are various techniques to compromise user machines with such malware, including drive-by downloads, watering hole attacks, infected USB drives, and more.

The second method uses a phishing site. This is a fake website that is designed to look like a legitimate login page, such as an online banking website or online applications like GoogleDocs. To get the user to the phishing site, the attacker sends a spear-phishing message that looks like it came from a trusted source (a bank, a colleague, a government office, etc.). The spear-phishing message will request that the user log into the website to read more details, or to update their user information. Once the user attempts to login to the phishing site, the credentials are sent directly to the attacker.

In the third method, cybercriminals hack into e-commerce websites and social networks to extract the user database, including user credentials. Since users often re-use credentials, there is a high likelihood that the same credentials can be used for logging into other systems as well.

General Recommendations:

There are several things that can be done to lower the risk of credential theft:
First, don’t login into sensitive applications from unprotected machines. Make sure your anti-virus is up-to-date and, if possible, use special security solutions designed to block information stealing malware to protect your machine.

Be cautious about possible spear-phishing emails (even if the message seems to come from a trusted source). When receiving a message that includes a link to a website, try to verify that the request is genuine and that it takes you to a relevant website. If possible, don’t click the link. Instead, open your browser and type in the website address (URL).

Change your passwords often, use complex passwords and don’t use the same credentials across multiple systems. For systems that are especially critical to you or your business, consider using two-factor authentication. This adds additional user identification, and therefor is harder to compromise.

Trusteer Credentials Theft infographic

Trusteer Credentials Theft infographic

Global Banking & Finance Review


Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!

By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post