Trend Micro Q3 Report highlights online banking malware
Trend Micro Q3 Security Report highlights online banking malware and wave of Apple-related phishing sites in Australia and New Zealand
C&C servers detected in ANZ up from Q2
SYDNEY, 11 November 2013 – The Trend Micro Q3 2013 Security Roundup Report released today has found an ongoing proliferation of Apple iOS phishing sites in Australia and New Zealand, as well as a continued increase in online banking malware.
This report is a quarterly analysis by the Trend Micro Threat Analysis Team that describes cyber-security threats from the previous quarter combined with analysis to evaluate and anticipate emerging attacks.
Australia and New Zealand combined was rated the third highest region for hosting Apple targeted phishing sites, accounting for 10.7% of the phishing sites blocked globally in Q3 2013. After a spike in Q2, Apple-related phishing sites remained steady throughout Q3, which raises concern of potential new targets in Q4 with Apple expected to sell millions of iPhones and iPads during the quarter.
Android users also continued to be a prime target for cybercriminals, with the number of malicious and high-risk apps targeting the Android platform reaching the 1 million mark in Q3. Accelerating rapidly throughout the year, high-risk Android apps have already arrived at a level originally predicted to be reached by the end of 2013. Among these apps, 80% were malicious in nature, topped by premium service abusers.
“Apple has been traditionally perceived as a safe-haven against threats, but our findings reveal that personal information can be jeopardised as phishing scams that target the platform continue to gain momentum,” said Sanjay Mehta, managing director Trend Micro, Australia and New Zealand. “This evidence suggests a potential perfect storm looming in the holiday season as busy commercial and consumer users leverage mobile platforms.”
Trend Micro identified more than 200,000 malware infections targeting online banking in Q3. Australia was identified as the fourth most targeted country for online banking malware infections, behind the U.S., Brazil and Japan.
“As consumers gravitate to the convenience of online banking, criminals are developing tools at an exceedingly rapid pace to exploit a general lack of awareness,” said Mehta. “Despite being the fourth most targeted country, Australia accounted for only three per cent of online banking malware infections worldwide. This may be due to the high degree of multi-factor authentication requirement for our local online banking transactions.”
The Q3 Security Roundup also detected a continued increase in the number of Command and Control (C&C) servers as the quarter progressed. Refined malware techniques allowed cybercriminals to more effectively hide their C&C servers, with the number of C&C servers detected in Australia and New Zealand during Q3 almost doubling from Q2 figures.
Australia was also listed as number eight in the ten countries that most access malicious URLs during Q3 2013.
The complete report is available here.