Attacks Via Banking Trojans Stealing Payment Data Doubled In 2022

New research suggests that the number of attacks via Banking Trojans stealing payment data have doubled in 2022 compared to 2021. These types of attacks have reached 20 million in 2022.

After a rapid drop in the number of attacks with banking Trojans in 2021, cybercriminals returned to this type of threat with renewed strength. In 2022, the number of attacks doubled compared to the same time period in 2021.

From January to November, Kaspersky products detected and prevented almost 20 million attacks, meaning that the overall growth in the number of detections is 92 per cent.

Banking Trojans are widely used tools in the arsenal of cybercriminals profiting from the sales season. Once the user browses in an online store, the Trojan saves all the data the user enters into the website’s forms. This means cybercriminals get access to a credit or debit card number, expiration date and CVV, and the victim’s site login credentials. Having obtained this information, the attackers may use it to empty the user’s bank account, use their card details for purchases or sell the data in the Dark web stores.

According to the research report, in addition to this active campaign of banking credentials theft, cybercriminals did not stand still and developed new scam schemes. On Black Friday in particular, fraudsters used a new type of phishing scheme for the first time exploiting Buy Now Pay Later (BNPL) services. 

The sales season inevitably attracts the attention of shoppers and retailers. However, it is also a favorite time for cybercriminals, who do not hesitate to cash in on online customers. 

“Cybercriminals create juicy offers that are fake and expire quickly, so the user must hurry to get the goods for free or at the lowest price. This is where cybercriminals catch customers, who are hungry for freebies and don't look carefully at the site they are entering their data into: the phishing or the original one,” the report noted.