Who is next?

Abstract

The European financial sector is a frequent victim of banking malware leading to massive losses. It appears that not all customers’ banks are equally attractive targets among cybercriminals who deploy banking malware. This research established a comprehensive regression model explaining why certain banks are more attractive to cybercriminals. The model proves that large banks, banks that are part of a banking group, banks with a high brand value, and banks which websites have a high domain-popularity, bear a higher probability to be (more frequently) targeted. Two-factor authentication doesn’t seem as effective as might expected. The use of this security measure does not decrease the chance for a bank to be targeted. However, the presence of this measure has an influence on a lower target frequency. Furthermore, it is shown that banks offering a largely spoken language on their website do not ease the banking malware attacks. Further research is needed to enhance and improve the model. The independence in the model can be reduced and more bank characteristics could be added, especially factors related to the ease to launder money.