In 2021, one in three (37.8%) attacks using banking malware for PCs targeted corporate users. In 2021, the number of threats to financial organizations on a global scale increased, while the downward trend from 2020 in the number of malicious programs such as banking Trojans, mobile devices and PCs continued. The number of users exposed to financial malware for PCs decreased by 35%, from over 625,000 in 2020 to almost 406,000 in 2021.
While the statistics look optimistic, the risk of cyber attacks has not gone away, especially in the case of corporate networks. Kaspersky researchers point to the continuation of the trend observed in the current decade, with banking Trojans increasingly targeting corporate users. In the period from 2018 to 2021, this increase was as high as 13.7%.
Moreover, only four malware families accounted for attacks on around half of all victims. While Zbot maintained its position as the most widely used malware among financial cyber criminals, SpyEye moved up from eighth place on the list of the most common banking malware to second place. At the same time, Emotet (9.3%), identified by Europol as the world's most dangerous malware, saw a decline. In early 2021, law enforcement began a global cooperation to block the network infrastructure of infected devices, which limited Emotet's activity for at least part of the year.
Security tips Kaspersky recommends the following measures to protect the company from malware attacks:
Invest in regular cybersecurity awareness training. Complement the training with a simulation of a phishing attack to ensure that your staff is able to recognize messages sent by fraudsters.
Use advanced threat detection and response technologies such as Kaspersky Endpoint Detection and Response. This solution detects even unknown banking malware and offers security operations teams full network visibility as well as automating responses.
Keep your software up-to-date on all devices to prevent attackers from taking advantage of security vulnerabilities and infiltrating your network.