The two worst affected countries were Italy and Spain, which are in the high-risk group (over 40% of computers attacked while online). All the other countries in the study fall into the medium risk group (21-40%), apart from Denmark, which is one of the safest countries with less than 20% of users attacked.
Nearly half of the North American and Western European countries analyzed are in the global Top 20 in terms of Internet user numbers. Lots of people in those countries keep their money in bank accounts and use their bank cards to pay for goods and services when shopping online.
Cybercriminals know this and that’s why most of their attacks in North America and Western Europe target financial information. In these regions, huge numbers of computers are infected with bots that collect financial data: more than 70% of the Sinowal attacks, over 40% of the SpyEyes attacks, and approximately 25% of the Zbot (ZeuS) attacks targeted users living in these countries.
Apart from gaining unauthorized access to users’ bank accounts, cybercriminals take an active interest in the PayPal payment system and the online store eBay: these systems respectively account for 34% and 9% of all phishing attacks carried out in North America and Western Europe.
Both online systems are linked to users’ bank cards, which gives cybercriminals the opportunity to clear out their accounts. As well as credentials, phishers also try to defraud users of other confidential data, such as social security numbers, dates of birth, and CVV2 security codes for credit cards.
To address these issues Kaspersky Lab’s new flagship consumer product Kaspersky Internet Security 2013 includes new Safe Money technology that provides users with complete protection for their online purchases and online banking transactions.
Yuri Namestnikov, Senior Malware Analyst at Kaspersky Lab, comments: “Countries where Internet penetration rates are high, and online banking services are popular, attract cybercriminals who put their increasingly sophisticated technologies to the test there. A good example is the Zitmo malware family which works in tandem with the ZeuS Trojan. Zitmo attacks mobile phones when money is transferred via online banking, and sends transaction authentications numbers (TANs) to cybercriminals, bypassing the banks’ two-factor authentication systems."
"In the foreseeable future, mobile banking will become a new focus for cybercriminal activity. This shift will be due to the growing popularity of banking services among smartphone and tablet PC owners, and the fact that many mobile devices do not have security products installed on them. Devices running under Android OS will become the most likely targets for attacks," Namestnikov added.