It’s no secret that the financial industry is the ideal target for lawless cyber criminals, holding a treasure trove of sensitive information and financial credentials of innocent victims.

2015 proved to be a difficult pill to swallow for the financial industry, with a noticeable surge in extortion attempts, social engineering attacks, and credential stealing malware. In order for the financial industry to secure its digital doors and protect against malicious actors, they must continue to strive to understand the threats and the actors behind them. Here are five threats to look out & prepare for in the New Year:

  1. Extortion

In 2015, DD4BC and Armada Collective led the races in DDoS attacks. These attacks begin by notifying victims that they’re vulnerable to a DDoS attack, then increased attack activity occurs, leading to a ransom request if left ignored.

  1. Social Media Attacks

The financial industry has faced various notable social media attacks where attackers misuse social media profiles and hide behind fake profiles to gain trust and extract information for social engineering tactics. Facebook and Twitter have since begun notifying accounts of any suspicious activity or if they believe an account has been targeted or compromised.

  1. Spear Phishing & Whaling

In a spear phishing attack, criminals masquerade as a legit individual of institution establishing trust with a target to then lure them into providing credentials to the attacker. Whaling, which is done by targeting multiple victims for a large sum of money, often involves spoofing executives’ emails- often times those of CEOs- and scam financial departments into making large money transfers into fraudulent bank accounts.

  1. POS Malware & ATM Malware

Despite the transition to the EMV Standard, PoS systems remain a target for criminals. Various different variants of POS Malware have been on the rise including BlackPOS and LusyPOS. There is even some evidence that EMV cards can be cloned. Various different ATM-specific malware's were also identified in 2015. One variant deemed GreenDispenser, infects ATMs and allows thieves to extract large sums of money while going undetected. We’ve also seen the introduction of Reverse ATM Attacks. These kinds of attacks use a combination of compromised PoS terminals and money mules to reverse transactions after money has been withdrawn physically or sent to another bank account. Be sure to abide by PCI DSS and SOX Compliance to protect against Point-of-Sale Malware 

  1. Sophisticated Financial Services Threats

Credential-stealing malware targeting bank customers like Dridex as well as exploit kits like the popular Angler Exploit Kit have been very active in 2015 and are predicted to escalate into the New Year. The use of social engineering tactics, network intrusion techniques, and custom malware toolsets & utilities are among other dangerous threats pressing the financial industry.



One thing will always remain true- Financially driven criminals will not rest till they get what they want- MONEY. Organizations must continue to search for better threat protection and risk mitigation and in doing so will understand which malicious attackers are targeting their organization, why, and the methods they’re using for the attack. By implementing a layered approach to security, your organization will be equipped with vulnerability management with breach detection and real-time file integrity monitoring. Integration is also key to protecting your IT estate- with NNT Change Tracker Gen7 we automatically leverage threat intelligence to expose any breach activity when it happens.


Read this article on Security Week

The Most Powerful & Reliable Cybersecurity Products

change tracker gen7r2 logo

Change Tracker Gen 7R2: Complete configuration and system integrity assurance combined with the most comprehensive and intelligent change control solution available.

FAST Cloud logo

Fast Cloud: Leverage the world’s largest whitelist repository to automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology)

vulnerability tracker logo

Vulnerability Tracker: The world’s only limitless and unrestricted vulnerability scanning solution with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.

log tracker logo

Log Tracker: Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds

Contact Us

Corporate Headquarters

6160 Warren Parkway, Suite 100
Frisco, Texas, 75034

Phone 1: 1-949-407-5125

Phone 2: 888-638-9749 (toll-free)

[email protected]

United Kingdom

5 New Street Square
London EC4A 3TW

Phone: +44 (0) 203 588 3023

 [email protected]
SC Magazine Cybersecurity 500 CSGEA Winners 2021 CIS benchmarking SEWP Now Certified IBM Security
Copyright 2024, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.