According to the Kaspersky Consumer Security Risks Survey, a global study conducted by B2B International and Kaspersky Lab in the summer of 2013, about 41% of users who lost their money as the result of financial cyber-fraud failed get a single cent returned to them.
In theory, even if scammers have managed to steal money from an e-banking or e-payment account, that cash may be returned by the bank or as a result of legal proceedings. However, the B2B International survey shows that success is far from guaranteed. Only 45% of users who suffered through online fraud were fully compensated. A further 14% recovered part of the stolen sum, but the remain 41% of victims were left with nothing.
According to the reports of 33% of victims, the money was most often irretrievable if it had been stolen during an e-payment operation. In 17% of cases the money disappeared during e-banking sessions, 13% of the victims were the customers of online stores. Banks and online stores return money to their customers more often than, for example, e-pay systems: in general only 12% of online customers received full compensation for losses incurred from malicious attacks, but for banking customers the figure climbs to 15%. One in ten respondents were lucky enough to get all their money back. There is also a noticeably high level of ‘bad debt’ - 6% of online stores customers, 4% of online banking clients and 4% of e-pay systems users reported irretrievable loss of money.
At the same time many users remain confident that their transactions are reliably protected by the owners of these services. The results of the B2B International survey show that 45% of respondents believe the bank is responsible for paying back any money lost during online operations and 42% of those surveyed think the bank should provide free security tools to safeguard money transfers.
It all creates a perfect storm: cybercriminals scent profits, and redouble their efforts to steal money from users, while users delegate most protection measures to their banks, e-pay services and online stores. These businesses, however, are not always able or willing to provide the required level of protection, for technical or other reasons. This makes attacks on financial transactions even more attractive for cybercrooks. Happily, there is a safe method to improve the situation.
Breaking the Vicious Cycle
An advanced protection solution is the perfect way to enhance the safety of online transactions. However, when a cyber-attack directly targets money, the “universal” protection provided by the majority of Internet Security class products may not be enough. To maximize profits from successful attacks, financial fraudsters have been willing to invest in special sophisticated malicious tools which antivirus solutions can find difficult to detect. For example, they buy vulnerabilities in legitimate applications, create exact copies of banks’ sites, etc.
Considering the particular features of online fraud, Kaspersky Lab has developed its unique Safe Money technology to protect computers from financial attacks. Safe Money is a set of high-class protection mechanisms activated automatically whenever users are banking or paying online. The integrated multi-level system of verification is able to check the authenticity of the site users are trying to enter, thus protecting against phishing attacks. A special safe browser mode safeguards users’ online activities from malicious attacks. Another mechanism checks applications on the computer for vulnerabilities, effectively protecting against exploits (malicious programs which exploit vulnerabilities in legitimate software). Finally, Secure Keyboard and Virtual Keyboard technologies defeat keyloggers and ensure passwords and credit card details can be entered without risk of interception.
The combination of all the mechanisms in Safe Money technology ensures maximum protection for online banking and payment transactions. This technology is available as part of Kaspersky Internet Security and Kaspersky PURE 3.0 - two advanced protection solutions for home users. It is also will available in Kaspersky Internet Security – Multi-Device, a security solution for several devices working on different platforms set for release in September 2013.