Thousands of employees could be falling victim to obvious phishing scams every month

• Three successful 1,000 bankers click connected a phishing nexus each month, study claims
• Russia is believed to beryllium nan starring unit down banking attacks
• Banks are wary astir caller tech for illustration GenAI, which does spell immoderate measurement to helping

New investigation has claimed a concerning magnitude of banking labor click connected a phishing nexus each month, making it 1 of nan astir communal threats successful nan sector.

A study from Netskope recovered 3 successful each 1,000 labor would autumn unfortunate to specified scams, truthful of nan estimated 362,000 banking labor successful nan UK successful 2023, this equates to much than 1,000 workers clicking a dodgy nexus sent to them.

According to nan report, hackers are getting a batch of their occurrence from designing phishing pages to mimic nan target bank’s website, stealing slope relationship accusation and login credentials to perpetrate fraud.

Phishing is rife successful banking

Netskope identified Downloader.SLoad (Starslord), Infostealer.AgentTesla, Trojan.FakeUpdater, Trojan.Parrottds and Trojan.Valyria arsenic nan astir precocious utilized malware families to beryllium alert of, highlighting that Russian criminal groups are nan astir apt to target this industry.

Despite nan superior threat of phishing attacks, banks were recovered to beryllium much hesitant astir adopting caller technologies than different industries, pinch 87% of banks utilizing generative AI compared pinch nan cross-industry mean of 97%. More than half of banks besides usage Data Loss Prevention measures to negociate information going into GenAI apps.

"[Banks] are much fierce astatine blocking apps without a morganatic business intent and utilizing DLP to power what tin beryllium sent to allowed apps," commented Netskope Threat Labs Director, Ray Canzanese.

The company’s proposal to banks, arsenic good arsenic each different industries, is to inspect each HTTP and HTTPS downloads to forestall malware from infiltrating a network. Companies should besides guarantee that high-risk record types are thoroughly inspected pinch position and move analysis.

Other basal net hygiene practices tin beryllium adopted by workers, specified arsenic questioning nan authenticity of immoderate emails they person and taking portion successful training campaigns. Boosted protection, for illustration nan usage of multi-factor authentication and passkeys, tin besides thief to forestall unwarranted entree to accounts.

You mightiness besides like

• Check retired nan best password managers
• Keep your online footprint safe by utilizing nan best VPNs
• Google Cloud is making multi-factor authentication mandatory for each users