Who is next?
Identifying characteristics of European banks that are key in influencing the target selection of banking malware.
M.E. Hoppenreijs (TU Delft - Technology, Policy and Management)
Michel Van Van Eeten – Mentor (TU Delft - Organisation & Governance)
C. Hernandez Ganan – Mentor (TU Delft - Organisation & Governance)
ME Warnier – Graduation committee member (TU Delft - System Engineering)
Diederik Perk – Coach
More Info
expand_more
Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.
Abstract
The European financial sector is a frequent victim of banking malware leading to massive losses. It appears that not all customers’ banks are equally attractive targets among cybercriminals who deploy banking malware. This research established a comprehensive regression model explaining why certain banks are more attractive to cybercriminals. The model proves that large banks, banks that are part of a banking group, banks with a high brand value, and banks which websites have a high domain-popularity, bear a higher probability to be (more frequently) targeted. Two-factor authentication doesn’t seem as effective as might expected. The use of this security measure does not decrease the chance for a bank to be targeted. However, the presence of this measure has an influence on a lower target frequency. Furthermore, it is shown that banks offering a largely spoken language on their website do not ease the banking malware attacks. Further research is needed to enhance and improve the model. The independence in the model can be reduced and more bank characteristics could be added, especially factors related to the ease to launder money.