With the help of Internet Banking (IB) and mobile banking (IB) scammers have mastered the principles of rounding and conversion of funds for additional income accounts. This gain, according to experts, can be up to 15 thousand rubles per month
The scheme is simple:.. By online bank transfers, relatively speaking, of 0.29 rubles (29 cents) in dollars. If the exchange rate of the currency of 65 rubles, the amount of 0.29 rubles is $ 0.004461. This amount upon conversion will be rounded to two decimal places by the rules of the banks – that is, up to $ 0.01, which corresponds to 1 cent. Then the offender carries US 1 cent back into rubles. As a result, he will receive the transfer of 0.65 rubles (65 cents). Thus, in a single operation the client receives 0.36 rubles (36 cents), ie more than invested.
«Attacks on rounding” engaged and cyberhawks who also use this practice after hacking internet or mobile banking customers of Russian banks. Hackers attack Internet and mobile banks of small credit institutions outside the top 100 in terms of assets, remote system that is far less protected than the big players. According to Digital Security estimated that 23 million Russians are actively using IB to carry out transactions via the web by accessing the personal account from a computer; and the 17 million citizens – MB (via smartphones / tablets; they establish special applications from banks)
The Positive Technologies indicate that the banking app for IOS is more secure than Android..
– in 2013 and 2014 for banking applications for IOS vulnerabilities accounted for 2.3, in 2015 – already 1.6, ie, IOS has become more secure operating system – pointed to Positive Technologies. – On application for Android all three years accounted for 3.8 Vulnerability
The most common and profitable type of fraud with bank applications -. It is the spread of banking Trojans that intercept management of interaction with the bank and emptied the cash account <. / p>
Often the scammers are infected with the virus the user’s mobile computer Bank, and through the computer under attack and his smartphone.
It turned out that it works even for Apple devices. Troyan WireLurker first infected PC, then – the connected smartphone. However, for iOS this is an exceptional situation, and so the system is very well protected from outside intrusion. However, it is worth remembering that it is not to jailbreak the device, which completely removes the protection and open the device for any malicious activity. For iPhones that have done jailbreak, viruses abound.
For the technology on iOS there are options with successful APT (targeted attacks), but normal users rarely encounter them and efforts to infect a particular device in this way have to put a lot of.
Android-powered devices amenable to hacking from Internet scams is faster and does not deliver attackers such difficulties as iOS.
Earlier, the official website of Ministry of Internal Affairs reported on the detention of a resident of the Chelyabinsk region, which, according to investigators, the bank has developed a Trojan designed to steal money through mobile banking software installed on smartphones with the Android platform. The structure of the criminal group, in addition to the detainee, were four others. The report said the Ministry of Interior on “preventing damage” amounting to more than 50 million rubles.
As a result of searches in the members of the criminal group were seized computers with traces of the virus, mobile phones, SIM-cards, servers and bank cards, which shall credit the stolen money.
At the same time press release the Interior Ministry, the media reported that the number of victims has been named in Russia’s regions cyberhawks victims were from 20 th. to 30 th. MB users.
With reference to the regional media and police sources in the individual regions: in the Kaliningrad region – about 250 people in the Murmansk region – about 200 in St. Petersburg and the Leningrad region – 300, in the Primorsky Territory – 400, in Orenburg – nearly 150
Recommendations for the owners. smartphones on Android
1 platform. When paying via mobile phone or tablet, there are real threats to the penetration device fake application that copies the entire and replaces the original. This malware hiding present application prompts for user credentials, passwords and other sensitive information that could be used to steal money and its transfer to the criminals account.
2. Never click on links in SMS / e-mail address-spam messages. If you want to install any software on your device, you need to download it from the official sources. Do not forget to update the operating system and installed applications, as hackers update addresses known vulnerabilities. On the market today there are a variety of security solutions that not only help fight the penetration of malware device, but also able to protect the information stored on the smartphone confidential information in the event of loss or theft of the gadget. Do not forget to update your security solution.
3. Do not perform jailbreak / rooting the device: the official firmware hacking your gadget becomes more vulnerable to malware. . It should also use software remotely lock (destruction) of data in case of loss (theft) Smartphone
Fraudsters have learned to steal money from banks to “rounding” currency