CUSO-News---Payments-Report

close

Categories

More Tags

Subscribe to Email Updates

Popular Stories

The Quick On Visa’s 8-Digit Bin Migration
How One Credit Union's Workforce Went Completely Remote
Credit Unions Are Beginning To Embrace Fintechs
Frictionless Payments
More Evidence Fintechs Are Turning Into Banks
Written by Cyndie Martini
on November 17, 2020

We've written many times about how cybercriminals are taking advantage of the pandemic to try and exploit bank and credit union customers. In this article, we'll step outside the scope of payments, banks, and credit unions to better understand the lengths that these criminals will go to. Better knowledge about what cybercriminals are up to will help all of us be more prepared.

Microsoft's security team has detected state-backed hackers from North Korea and Russia trying to steal valuable vaccine data from pharmaceutical companies and research labs. The US Government has also said that Chinese state-backed hackers have been targeting vaccine companies.

Microsoft said that many of the companies being targeted were located in France, India, South Korea, and the United States and were "directly involved in researching vaccines and treatments for COVID-19." The hackers target the logins of people associated with these companies, which could mean contractors and vendors. Some of the hackers' methods include:

  • Posing as job recruiters
  • Spear-phishing emails that masqueraded as missives from World Health Organization representatives

In 2019, Microsoft's security blocked over 13 million malicious and suspicious emails. The most common activities by criminals were:

  • Reconnaissance
  • Credential harvesting
  • Malware
  • Virtual Private Network (VPN) exploits

From October 2019 to July 2020, ransomware was the most common incident response. An incident response is a resolve of the breach. Meaning, people were paying ransoms to regain control of their machines. 

"They [cyber criminals] have also focused on targeting their ransomware activities toward entities that cannot afford to be offline or without access to records during critical periods of the pandemic, like hospitals and medical research institutions,” said Mary Jo Schrade, Assistant General Counsel, Microsoft Digital Crimes Unit, Asia, in regards to a recent Microsoft Defense Report.

These criminals will often choose the holidays to attack when there are fewer resources to help out.

While this article shows how the medical industry is targeted, there is plenty of valuable information for payment processors, banks, and credit unions to take from it. Careful scanning of emails, consistent updates of passwords, complex passwords, and periodic evaluation of current security practices and implementation can provide a more robust defense against these criminals.

Let Us Know What You Thought about this Post.

Put your Comment Below.

You may also like:

Cybersecurity

Introduction To Visa's New Advanced Identity Score

In late June of this year, Visa announced a new tool called Advanced Identity Score (AIS) to help combat new account and...

Cybersecurity

Three Tips To Reduce Cybercrime Exploits

As credit unions and banks were forced into transitioning nearly all of their workers into remote work over a matter of ...

Cybersecurity

Mobile App Security Trends

improving their mobile app security. In this article, we look at some of the latest mobile app security trends.