Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Sberbank. Show all posts
Sberbank
Central Bank of Russia Cyber Insurance Cyber Security droppers Russia Sberbank

Sberbank Called the Average Size of the Insurance Payment Cheated by Cybercriminals

 

The cybersecurity company Positive Technologies said in January that customers of credit institutions who actively use online banking will become one of the main targets of hackers this year. According to experts, attackers will use both tools for hacking applications and social engineering techniques. Credit institutions previously informed that they see the interest of fraudsters in online applications and strengthen anti-fraud systems. 

It is worth noting that most companies do not show interest in cybercrime insurance. However, credit organizations resort to this service to protect their cardholders. 

Olesya Dunayeva, the owner of the Save Finance product of Sberbank, said that payments to SberInsurance customers are made within the sums insured. About 10,000 insured events were settled for all risks of the program in 2021, the average payment amounted to 20,500 rubles ($270). 

Bank customers can receive insurance payouts in cases where intruders got hold of card data by calling on behalf of the bank or the police. Also, insurance is valid if the money was stolen when paying for goods and services on fake sites, using phishing, viruses, unsecured Wi-Fi, and as a result of account hacking. 

According to the Central Bank, in the third quarter of last year, fraudsters stole 3.2 billion rubles (42 million dollars) from bank customers, which is 18% more than in the same period of 2020. The attackers performed 256,198 operations without the consent of consumers. Citizens were able to return 7.7% of the funds stolen by fraudsters. In the second quarter, more than 3 billion rubles (39’6 million dollars) were stolen from bank customers, and in the first quarter — almost 2.9 billion rubles (38’2 million dollars). 

Earlier, VTB offered to allow banks to completely block the possibility of withdrawing and withdrawing funds from the accounts of droppers (intermediaries through which fraudsters cash out funds stolen from citizens) for up to 30 days. 

As Anatoly Pechatnikov, Deputy President and Chairman of the Management Board of a credit institution, explained, now, when fraudsters gain access to the accounts of bank customers, they first withdraw money to the accounts of droppers in other credit institutions, and then cash out the stolen money. Banks cannot stop such operations, even if such an “intermediary” account has already been identified and blocked.
Read more »
Sberbank
Bank Cyber Security Cyber Attacks Information Security News Russia Sberbank

Sberbank is the most targeted organization in Europe by hackers, says Herman Gref

 At the moment, Sberbank is more often than other institutions in Europe is subjected to hacker attacks, but successfully repels them, said the head of the credit institution Herman Gref speaking at a plenary session in the Federation Council with a presentation on artificial intelligence (AI).

“We are the most attacked institution in Europe. Every day, artificial intelligence inside our Cyber ​​Security Center analyzes billions of events. During this entire period of time, we did not allow a single penetration into our systems,” said Mr. Gref.

Gref stressed that the AI protects not only the credit institution itself but also its customers. According to the banker, citizens who use the services of Sberbank are protected in 97% of cases: the systems recognize that a person is trying to transfer funds to a fraudster.

"In 97% of cases, our algorithms recognize fraud, stop these transactions, contact the person, the person confirms that he made this transaction, and we tell him that it was a fraudster," added Gref.

According to the head of Sberbank, in cyber attacks, scammers use artificial intelligence technologies, in particular, deepfake technologies, which allow simulating the face and voice of the client.

"Scammers can call from your phone that belongs to you, speak with your voice. And this is a gigantic threat. It is extremely difficult for a normal person to fight this, and therefore powerful systems for protecting a person from such fakes should come to the rescue,” noted Gref.

According to the Bank of Russia, in the first nine months of 2020, fraudsters stole about 6.5 billion rubles from bank customers from their cards and accounts. Sberbank estimates that since the beginning of 2020, fraudsters have called customers about 15 million times. Sberbank recorded more than 3.4 million customer complaints about phone fraud in the first half of the year, which is 30 times more than in 2017 and more than twice as much as in 2019.

"The number of fraudulent calls in Russia reaches 100 thousand per day", said Stanislav Kuznetsov, deputy chairman of the bank.

Earlier, E Hacking News reported that according to Sberbank cyber criminals are using Artificial Intelligence in banking Trojan which is quite difficult to recognize.

Read more »
Technology
digital currency Sberbank Technology

Sberbank predicts an outflow of up to ₽4 trillion from banks to the digital ruble

Sberbank predicted an outflow of two to four trillion rubles (around $5,5 billion), which are currently stored in banks, to the digital ruble. According to the credit institution, this can happen within three years.

Deputy Chairman of the Board of Sberbank Anatoly Popov said that now the market does not have a large liquidity surplus. "These funds (2-4 trillion rubles) will no longer be available for lending, which will eventually lead to a shortage of liquidity and, as a result, to an increase in rates," predicted Mr. Popov.

According to Popov, the flow of about 10 percent of non-cash funds into the digital ruble will lead to an increase in credit rates by half a percentage point.

Earlier, in October 2020, the Central Bank of Russia presented the concept of the digital ruble. It was supposed to take the form of a unique digital code stored in a special electronic wallet. The transfer of the digital ruble from user to user will take place in the form of moving a digital code from one electronic wallet to another.

It is expected that the digital ruble will become a full-fledged means of payment, just like the regular ruble, and will be able to be used by the population, business, and the state, ensuring simplicity of payments, their high speed, high reliability, and low costs.

The largest market participants supported the concept of the Central Bank, but Sberbank proposed to expand the properties of the digital currency to all non-cash money. According to the state bank, the payment system will benefit more from the evolution of the non-cash ruble than from the creation of an additional digital currency.

Read more »
Sberbank
Bank Security Cyber Fraud Russia Russian Cyber Security Sberbank

Russian banks revealed new types of fraud


Stanislav Kuznetsov, Deputy Chairman of the Board of the Bank, said that fake Internet recruiting agencies that offer employment have become more active. An applicant should fill out a form with personal data. Then a letter arrives that he was hired, and he needs to transfer money for some equipment urgently. In the end, no money, no work.

VTB specialists reported cases of fraud when hackers place job ads and get access to mobile phones while communicating with candidates. Then, using remote access, hackers get to the client's personal account and can withdraw money.

Hackers are looking for candidates without experience, for example, for the position of mobile app tester. Those who responded to the ad, they are asked to pass testing and install remote access programs to their computer or smartphone for control. Fraudsters can use them to log in to their personal account and withdraw funds.

The VAT refund scheme is also gaining popularity among fraudsters. Attackers publish videos on the Internet with a proposal to refund value-added tax to all Russians left without income. In this scheme, customers click on a fraudulent link from the description to the video and independently perform expense transactions, which leads to a loss of money.

"Internet companies began to actively appear that offer customers to take advantage of the volatility of cryptocurrencies and promise a large profit," said Kuznetsov about another scheme.

Finally, financial fraudsters copy popular initiatives of well-known brands and companies to attract their victims, using hashtags of the period of self-isolation, for example, #stayhome and offer to participate in the campaign to get three thousand rubles ($42). For this, it is allegedly necessary to provide card data and a one-time SMS password.

It is worth adding, according to the international company Group-IB, using the remote access program TeamViewer, fraudsters steal from the clients of large banks on average from 6 million to 10 million rubles per month ($84,000 - 140,000).
Read more »
Sberbank
Bank Security Cyber Crime Cyber Crime Report Sberbank

Sberbank employee confesses he is the culprit behind the customer data leakage


Recall that on Thursday, Sberbank reported a possible leak of credit card accounts, which affects at least 200 customers of the Bank. According to media reports, at the weekend on one of the forums, which was blocked by Roskomnadzor (Federal Service for Supervision in the Sphere of Telecom, Information Technologies and Mass Communications), there were messages about the sale of personal data of Bank customers. The authors of the announcement indicated that they have access to data of 60 million cards.

Sberbank assured that the funds of its customers are safe because credit card accounts that do not have CVV codes, as well as logins and passwords from the Internet Bank were in the public domain. So, fraudsters can not steal money from the cards.

According to German Gref, President of Sberbank, Sberbank employees learned about the incident on the day of the leak, October 2: an ad was found with personal data of employees. After that, the employee of security service of Sberbank contacted an attacker trying to sell the stolen data.

During the conversation, it became clear that we are talking about an internal leak, Gref said.

According to a statement on the Bank’s website, "as a result of the internal investigation, the security service of the Bank in cooperation with law enforcement agencies, on October 4, 2019, identified an employee of the Bank born in 1991, the head of the sector in one of the business units of the Bank, who had access to databases and who tried to steal customer information for selfish purposes," the message on the Bank's website reads. The culprit of the leak faces criminal liability.

The leak indirectly affected the data of 200 cardholders of Sberbank, which have already been reissued, so " the owners have nothing to worry about," Gref said. He noted that the reissue took only two days.

Gref also apologized to customers and thanked them, noting their calmness.
Read more »
Sberbank
Bank Cyber Security cyber attack Sberbank

Sberbank helped one of the largest US banks to prevent a cyber attack


In July, Sberbank helped one of the largest US banks to prevent a cyberattack and avoid damage of several million dollars. Deputy Chairman of the Board of Sberbank Stanislav Kuznetsov announced this at the Eastern Economic Forum.

"At the end of July, our cyber defence center recorded an attack on one of the largest American banks. We informed the Bank, informed the relevant departments of payment systems to prevent the withdrawal of funds. At least several million dollars were saved," he said.

At the same time, Kuznetsov refused to tell which Bank was exposed to attack.

Kuznetsov shared the details of the cyberattack scheme. According to him, the fraudsters managed to hack one of the acquiring terminals and conduct a large number of operations. In the United States, PIN verification of transactions up to $130 is not required. As a result, at one moment the resources of several banks were attacked through a large number of operations.

At the same time, he stressed that this is a clear example of the fact that credit institutions should detect such attacks in an automated mode and not allow any actions directed against customers of both Russian and foreign organizations.

In addition, Stanislav Kuznetsov said at the Forum that Sberbank recorded about 2 thousand attacks on its systems in the first half of the year and prevented possible damage from them in the amount of at least 25 billion rubles.

According to him, the Bank noted the growth of social engineering."This is a trend to collect data about a person and corporations, and the second trend - we see that scammers focus on those companies that are poorly protected, and this is small and medium-sized businesses," he noted.

At the end of his speech, Kuznetsov said that North Korea's attacks on Russian banks are a myth, the threat to Russian resources comes "from another direction".

It is worth noting that this is the Fifth Eastern Economic Forum, held in Vladivostok on September 4-6.

Read more »
Subscribe to: Posts (Atom)