Cybercriminals are increasingly using ransomware-as-a-service (RaaS) platforms to launch banking trojans, according to specialty insurance and underwriting services provider Beazley. They also are leveraging banking trojans to attack small businesses via phishing emails.

Hackers deploy banking trojans to harvest a victim's account details. They typically use the following steps during a banking trojan attack:

  1. A phishing email is sent to an end user.
  2. A user clicks on a malicious link in the email; this launches a macro used to install or download a banking trojan.
  3. The banking trojan disguises itself on a user's system.
  4. The banking trojan spreads through a system's network.
  5. The banking trojan reaches the network's endpoints and downloads additional malware.

New banking trojans perform reconnaissance on email accounts and deploy other malware onto victims' systems, Beazley said. In addition, cybercriminals exploit stolen credentials to access financial accounts, defraud via business email compromise and commit identity theft.

How to Combat Banking Trojans

If a banking trojan has infected a user's machine, disconnect the infected machine from the network, Beazley recommended. Also, reset passwords for any machine users and encourage users to change their passwords for any personal accounts they may have been accessed through the machine.

Furthermore, Beazley recommended organizations offer cybersecurity training programs to teach employees how to identify and address phishing attacks. These programs can help employees detect phishing attacks and minimize their impact.