Cybersecurity threats that place bank information and personal data at risk are on the rise as the holiday shopping season officially kicks off with Black Friday and Cyber Monday.

Cybercriminals are targeting online shoppers by scraping sites for credit card and banking data, according to a recent report by cybersecurity firm Kaspersky, which monitored cyberthreat-related data from January through the first three weeks of November.

Spam flagged during the study include phishing that used brand names like Amazon and Apple to lure unsuspecting consumers into giving out their credit card information. Banking Trojans, malware used to steal financial credentials and infiltrate payment systems, are also on the rise, according to the report.

The report found:

• During the first 10 months of the year, banking Trojan attacks jumped 92% compared to the same period in 2021 to 19.5 million;
• Emails containing the term “Black Friday” reached 351,800 in November, up 432% from 65,608 in October;
• Cybercriminals are cloning payment platforms to swipe information, including a look-alike site for buy now, pay later payment app Affirm; and
• Financial phishing for online shopping sites comprised 42.5% of all phishing attempts.

Fighting fraud

Banks are implementing automated systems — including confidential cloud computing, a new technology that encrypts sensitive data — to stop data breaches and flag suspicious behavior amid a rise in fraud and impending open banking regulations.

KeyBank, for one, is leveraging robotic process automation to block outside bots and improve its cybersecurity frameworks.

However, even with proper systems in place at banks, client education continues to be a top strategy in fighting fraud, Kate Drew, director of research at CCG Catalyst Consulting Group, told Bank Automation News.

“A number of banks run educational campaigns for consumers around the holidays, providing tips on how to combat fraud – for example, by only using websites they trust and making sure fraud prevention tools like multifactor authentication are enabled, in addition to keeping a close eye on their transaction activity,” Drew said.

JPMorgan Chase, Wells Fargo and Bank of America all offer fraud education tools on their websites with tips on avoiding cyber scams.

“By helping customers to better understand how to get ahead of fraud, institutions can mitigate challenges related to high-volume spending around the holidays,” Drew said.

Bank Automation Summit US 2023, taking place March 2-3 in Charlotte, is a crucial event on automation and automation technology in banking. Learn more and register for Bank Automation Summit US 2023.