AI-driven cyberattacks surge in finance sector, 2024 witnesses a new wave.

The cybersecurity landscape in the financial sector is constantly evolving, with the emergence of increasingly sophisticated and targeted threats. According to S21sec, one of Europe’s leading cybersecurity service providers, acquired by Thales Group in 2022, the latest version of their Threat Landscape Report reveals a significant increase in banking Trojans activity in 2024. These types of malware use advanced techniques to steal credentials and financial data, posing a risk to users, companies, and even entire countries.

The advent of AI is transforming the cybercrime scene, particularly in the realm of social engineering techniques used to deceive victims and obtain sensitive information such as credit card numbers or banking credentials. Traditionally, this method required advanced technical knowledge and a considerable amount of time to create convincing fake websites and emails. However, AI has simplified this process, allowing cybercriminals to carry out these malicious attacks with greater ease and minimal technical skills.

The rise of identity theft, phishing through text messages (smishing), voice phishing (vishing), and the use of manipulated videos (deepfakes) present a growing challenge for the financial industry. As digitalization continues to advance, this industry becomes increasingly exposed to these types of fraud.

As a direct consequence of these advancements, the phenomenon of Phishing-as-a-Service (PaaS) has emerged, similar to the Software-as-a-Service (SaaS) model. PaaS enables cybercriminals to rent or purchase complete and customizable phishing kits, significantly lowering the barriers to entry for conducting such attacks. These kits typically include email templates, cloned websites, and automated tools for credential harvesting. Consequently, there has been a significant increase in fraud attempts impersonating banking entities, as attackers can launch phishing campaigns more quickly and efficiently.

Hugo Nunes, head of the Threat Intelligence team at S21sec, highlights the wide diversity of cyberattacks currently in existence. “Malicious actors have found various ways to achieve their goals thanks to AI. Among these methods is ‘vishing,’ which involves using phone calls to deceive victims. AI has improved the ability to simulate real voices and automate large-scale calls, thereby increasing the effectiveness of the cyberattack. Another method is ‘QRishing,’ which relies on the use of QR codes to direct victims to malicious websites. With the help of AI, attackers can generate and distribute these deceptive QR codes, making it easier to steal credentials or other sensitive information,” explains the expert.

The world of cryptocurrencies has also become a important target for cybercriminals. In 2024, numerous cyberattacks specifically targeted this sector, with malicious actors developing new ways to compromise cryptocurrency wallets and crypto exchanges, the very markets for trading these digital currencies. Attacks on cryptocurrency platforms are becoming increasingly common and require robust security measures.

A clear example of this specificity is the phishing kit called ‘CryptoChameleon,’ which primarily targets cryptocurrency platform users and Federal Communications Commission (FCC) employees. This kit has the ability to clone login pages and utilizes emails, SMS, and phone calls to steal victims’ credentials. It is also designed to bypass security measures such as multi-factor authentication (MFA) and allows for highly customized attacks.

To summarize, the financial sector is facing a wave of increasingly sophisticated cyber threats. It is crucial for institutions in this sector to continue investing in proactive and up-to-date cybersecurity strategies to protect their assets and their customers’ information.