Today’s banking malware provides the perfect crime of opportunity. Designed to steal credentials or take over banking sessions this malicious threat is ever evolving and generates substantial payouts with very little risk. From organized crime syndicates, nation states and terrorist organizations – are all likely behind the latest waves of malware attacks.
There is an entire organized subculture dedicated to profiting from creating and updating malware and selling it to the highest bidder. Utilizing targeted malware bad actors can compromise mobile devices and browsers – all with the goal of stealing money.
Malware code is constantly being modified, encrypted, redirected, and combined with other fraud techniques to execute complex fraud campaigns. Even second factor authentication schemes can be circumvented with current generation malware.
The level of sophistication in today’s known and unknown (zero day) malware variants makes the job of detecting and preventing attacks a never-ending challenge.
"Malware, known and zero-day is an ever-evolving fraud threat fueled by illicit profit and a low risk of arrest. Banking trojans is a continual detriment to banking’s digital transformation efforts."
bugFraud is buguroo’s cloud-based fraud prevention solution that detects and alerts banks to manipulation and impersonation attacks against their customers. With the help of buguroo’s integrated web portal code bugFraud dynamically profiles website page structures to identify any changes resulting from a malware attack.
When an infected customer starts a banking session malware is also executed injecting code, modifying pages, or overlaying content – all designed to convince customers to perform a directed action. bugFraud’s enhanced malware detection technology can identify cyber-attacks from a previously compiled blacklist, known malware, and more importantly it can detect malware patterns not previously seen.
Using a grey list approach that utilizes deep learning algorithms, expert supervision and the understanding of how suspicious code interacts with banking websites bugFraud can identify, classify, and stop zero-day malware attacks. The system continually learns as new strains of malware are identified improving its detection capabilities to protect against future threats.
bugFraud malware detection delivers a frictionless real-time ability to detect a wide range of anomalous activity, and in the case of a malware attack it can proactively mitigate attacks by disabling the attacking malware. Keeping the customer safe and alerting the bank of the attack so additional actions can be taken – from stepping up the transaction, stopping the session or locking the account.
Customer banking protection that is delivered transparently, is effective at stopping the widest range of malware threats to protect a bank’s reputation, and most importantly their customers from financial loss.
“Every day, the AV-TEST Institute registers over 350,000 new malicious programs, 90% of which is targeted at Android, Mac Windows platforms.”
buguroo’s cloud-based fraud detection delivers a straightforward solution for detecting and stopping today’s – and tomorrow’s malware threats. Banks and their customers can be protected from one of the most malicious threats in use by cybercriminals.
Transparent protection is delivered to each customer, at every sign-in via bugFraud’s web portal protection, Additionally, buguroo’s comprehensive malware classiﬁcation system eliminates false positives and avoids false negatives so fraud prevention teams and bank security can focus on real fraud, not chasing false leads.
Customer interaction data is analyzed – in real-time – at every point in an online banking session to prevent fraud at every stage. When bugFraud detects anomalous activity, like the presence of active malware it can take appropriate action to mitigate the threat protecting customers and alerting the bank so additional actions can be taken, from stepping up the transaction, stopping the session, or locking out the account.
Traditional malware approaches cannot keep pace with the ever-changing malware threat landscape. For this reason, bugFraud’s malware detection engine was designed to identify and learn how malware executes an attack – by downloading additional malicious code or manipulating content in customer browsers – attack indicators not recognized by traditional security measures. bugFraud continually learns to identify new strains of malware improving its detection capabilities to protect against future threats.
Banks do not need to install or maintain agents or other software on customers’ devices. bugFraud is completely transparent, protecting customers regardless of the device used for banking - PCs, laptops, tablets, or smartphones. Banks can prevent known and unknown malware from perpetrating online banking fraud while increasing customer security and convenience. buguroo’s bugFraud helps banks stop malware – protecting their brand image and securing their customer’s accounts and banking experience.