|By JOSH BOAK, AP Economics Writer|
But this was hardly a bit of
"Customers are still at risk," said
The hacks detailed in the report, which was presented at a security conference in
For starters, most American bank customers are insured against theft by the
Still, more people have become vigilant about monitoring their transactions and responding to alerts from their banks if a charge or withdrawal appears to be suspicious.
"We all look at our bank statements a hell of a lot more carefully than 20 years ago," said
There are other simple moves that individuals can do to guard their financial data, said
Even if it appears to be from their bank, people should never open email attachments that they didn't request. Nor should they click on links inside emails, but instead type the name of their bank into the Web browser address bar. And they should only provide a
"Those are the normal things you would recommend consumers to use," Sjouwerman said.
It appears as though the hacker gang accessed computers by having bank employees click on email attachments.
The hackers relied on a technique known as "spear phishing," in which they sent emails from a fake account that looked familiar to the bank workers. Those emails infected the computer with a form of malware called Carbanak and gave the gang entry into the internal network, allowing them to mimic the actions of workers responsible for the cash transfer systems.
In a plan that smacked of a
Their intended targets were primarily in
The report did not identify the banks involved and Kaspersky is partnering with law enforcement agencies to investigate the hacking that allegedly came out of
Just as the hacking has grown more persistent, banks say their defenses have improved. Johnson of the
Yet the hacking attempts continue to evolve in ways that indicate the battle may never end.
"These exploits are going to continue," Johnson said.
|Copyright:||Copyright 2015 The Associated Press. All rights reserved.|