Mitigating Threats in Digital Banking

By: Omar Veliz

Digitalisation has encouraged banks to change their approach and offer the best available services to their customers.

The password era has ended with an estimated 7,858,136,197 passwords available on the black market. How do you know if your password is not one of them when adversarial groups like Carnabak have left an estimated US$1 billion in losses in attacks on banking institutions?

Banking Trojans are developed by highly motivated attackers who adopt new techniques and tools to profit more from mobile apps. The result is reflected in the growing wave of malware targeting mobile apps.

Cybercriminals attacking financial institutions operate in an advanced manner and specialise in core banking systems; they tend to be highly disciplined and operationally effective groups that perform sophisticated techniques and have access to high-end software resources. In addition, they have in-depth knowledge of the target's networks and are able to seep into a bank's network undetected for several months.


"Mobile malware may grow as users move from online banking to mobile banking" - Europol


The two types of malware used by cybercriminals to obtain credentials and bypass second authentication factors are:

  • Sophisticated Trojans: Fraudsters use applications to manipulate elements within the user's screen that display fake windows and manipulate what the user sees. Additionally, these Trojans enter the system via a decoy application (such as a game) and remain hidden within the system until the user logs into the bank's application. Then these Trojans intercept the second authentication factor sent by SMS and the traditional real-time challenge questions. 
  • Fake apps: Fraudsters use bank-like apps that they redistribute through fake shops, or campaigns with discounts and promotions. This fake app has all the look and feel of the real app, except that the data is sent to the fraudster. 


Such threats must be addressed in the digital domain using automated solutions focused on detection, defence and risk mitigation. 

Monitor Plus DBFD™ (Digital Banking Fraud Detector) is a robust and scalable digital banking fraud detection solution that identifies MITM (Man in the Middle) attacks and the use of sophisticated Trojans through an adaptive rule set, OSINT (Open Source Intelligence) intelligence services and an SDK for easy integration with banking applications. This solution also performs comprehensive user session monitoring to generate risk scores, evolving patterns and profiling of the device and its actions; and provides optimal false positive detection and defensive actions in real time.



  • No impact on web or mobile performance speed. 
  • Detection of malicious TOR, IPS and proxy networks. 
  • Detection of Phishing campaigns, Data Breaches and Fake Apps. 
  • Generation of multiple authentication codes. 
  • Detection of customer impersonation in linking. 


The world of vulnerabilities is constantly evolving, so different criteria must be evaluated to generate a roadmap. It is recommended that you keep up to date with updates from Monitor Plus®, your partner in fighting cybercrime and building a safer financial world.