KASPERSKY FRAUD PREVENTION FOR ENDPOINTS

Similar documents
Protecting Against Online Fraud. F5 EMEA Webinar August 2014

Review Kaspersky Internet Security - multi-device 2015 online software downloader ]

How WebSafe Can Protect Customers from Web-Based Attacks. Mark DiMinico Sr. Mgr., Systems Engineering Security

Protect Your Endpoint, Keep Your Business Safe. White Paper. Exosphere, Inc. getexosphere.com

What is Zemana AntiLogger?

Quick Heal Total Security for Android. Anti-Theft Security. Web Security. Backup. Real-Time Protection. Safe Online Banking & Shopping.

Unique Phishing Attacks (2008 vs in thousands)

Prevx 3.0 v Product Overview - Core Functionality. April, includes overviews of. MyPrevx, Prevx 3.0 Enterprise,

MRG Effitas Online Banking Browser Security Assessment Project Q Q1 2014

Quick Heal Mobile Security. Free protection for your Android phone against virus attacks, unwanted calls, and theft.

SentinelOne Technical Brief

CHECK POINT SANDBLAST MOBILE BEHAVIORAL RISK ANALYSIS

Automated Context and Incident Response

MOBILE THREAT PREVENTION

Kaspersky Internet Security - Top 10 Internet Security Software in With Best Antivirus, Firewall,

FAQ. Usually appear to be sent from official address

Discount Kaspersky PURE 3.0 internet download software for windows 8 ]

Kaspersky Security Network

SentinelOne Technical Brief

Panda Security 2010 Page 1

How to Identify Advanced Persistent, Targeted Malware Threats with Multidimensional Analysis

Kaspersky Security for Windows Server

Office 365 Buyers Guide: Best Practices for Securing Office 365

Getting over Ransomware - Plan your Strategy for more Advanced Threats

Technical Brochure F-SECURE THREAT SHIELD

Trend Micro OfficeScan Client User Guide

Wayward Wi-Fi. How Rogue Hotspots Can Hijack Your Data and Put Your Mobile Devices at Risk

Kaspersky Security for Windows Server

Proactive Protection Against New and Emerging Threats. Solution Brief

Copyright

Live Attack Visualization and Analysis. What does a Malware attack look like?

QUICK START GUIDE. Microsoft Windows 10 / 8.1 / 8 / 7 / Vista / Home Server 2011

MODERN DESKTOP SECURITY

Kaspersky Internet Security User Guide

Account Takeover: Why Payment Fraud Protection is Not Enough

ESET SMART SECURITY 10

Unsecure Endpoints Threaten Financial Transactions

Endpoint Protection. ESET Endpoint Antivirus with award winning ESET NOD32 technology delivers superior detection power for your business.

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION

Comodo Internet Security Essentials Software Version 1.3

Quick Heal Total Security for Mac. Simple, fast and seamless protection for Mac.

10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS

Symantec Protection Suite Add-On for Hosted Security

Internet Security Application Control

Building Trust in the Internet of Things

Quick Heal Total Security for Mac. Simple, fast and seamless protection for Mac.

RSA FRAUDACTION ANTI-PHISHING SERVICE: BENEFITS OF A COMPREHENSIVE MITIGATION STRATEGY

Free Download Prevx Cloud Security (1- PC) pc download manager software free download ]

Kaseya 2. User Guide. Version 1.1

Quick Heal Total Security Multi-Device (Mac) Simple, fast and seamless protection for Mac.

Advanced Threat Control

Technology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited

MRG Effitas Online Banking / Browser Security Certification Project - Q (Level 1)

QUICK START GUIDE. Microsoft Windows 10 / 8.1 / 8 / 7 / Vista / Home Server 2011

Evolution of Spear Phishing. White Paper

Quick Heal AntiVirus Pro Advanced. Protects your computer from viruses, malware, and Internet threats.

Phishing Activity Trends Report August, 2006

Webomania Solutions Pvt. Ltd. 2017

Easy Activation Effortless web-based administration that can be activated in as little as one business day - no integration or migration necessary.

SandBlast Agent FAQ Check Point Software Technologies Ltd. All rights reserved P. 1. [Internal Use] for Check Point employees

WHAT IS CORPORATE ACCOUNT TAKEOVER? HOW DOES IT HAPPEN?

RSA Web Threat Detection

The security of Mozilla Firefox s Extensions. Kristjan Krips

Barracuda Advanced Threat Protection. Bringing a New Layer of Security for . White Paper

FILELESSMALW ARE PROTECTION TEST OCTOBER2017

Borderless security engineered for your elastic hybrid cloud. Kaspersky Hybrid Cloud Security. #truecybersecurity

MOBILE THREAT LANDSCAPE. February 2018

How Enterprise Tackles Phishing. Nelson Yuen Technology Manager, Cybersecurity Microsoft Hong Kong

Ekran System v Program Overview

MRG Effitas Online Banking / Browser Security Certification Project Q Level 1

CIS 4360 Secure Computer Systems XSS

Ethical Hacking and Prevention

QUICK START GUIDE. Microsoft Windows 10 / 8.1 / 8 / 7 / Vista / Home Server Click here to download the most recent version of this document

FREE ONLINE WEBSITE MALWARE SCANNER WEBSITE SECURITY

Anti-Virus Interface of Kaspersky

Quick Heal Total Security for Android. Anti-Theft Security. Web Security. Backup. Real-Time Protection. Safe Online Banking & Shopping.

Provide you with a quick introduction to web application security Increase you awareness and knowledge of security in general Show you that any

BUFFERZONE Advanced Endpoint Security

Seqrite Endpoint Security

PROTECTING YOUR BUSINESS ASSETS

Protecting Against Online Banking Fraud with F5

Antivirus: Proactively detects and disables more known and even unknown new malware threats than any other security product.

Quick Heal AntiVirus Pro. Tough on malware, light on your PC.

Endpoint Security - what-if analysis 1

ECDL / ICDL IT Security. Syllabus Version 2.0

SOLUTION BRIEF. Enabling and Securing Digital Business in API Economy. Protect APIs Serving Business Critical Applications

Trustwave SEG Cloud BEC Fraud Detection Basics

Author: Tonny Rabjerg Version: Company Presentation WSF 4.0 WSF 4.0

Quick Heal AntiVirus for Server. Optimized Antivirus Scanning. Low on Resources. Strong on Technology.

Seqrite Antivirus for Server

CompTIA Security+ Malware. Threats and Vulnerabilities Vulnerability Management

HOW CHECK POINT SANDBLAST MOBILE WORKS

Ekran System v Program Overview

Building Resilience in a Digital Enterprise

How to recognize phishing s

Survey of Cyber Moving Targets. Presented By Sharani Sankaran

Kaspersky Open Space Security

MOBILE SECURITY OVERVIEW. Tim LeMaster

Quick Heal Mobile Security. Anti-Theft Security. Real-Time Protection. Safe Online Banking & Shopping.

PROTECTION FOR WORKSTATIONS, SERVERS, AND TERMINAL DEVICES ENDPOINT SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

Transcription:

KASPERSKY FRAUD PREVENTION FOR ENDPOINTS www.kaspersky.com

KASPERSKY FRAUD PREVENTION 1. Ways of Attacking Online Banking The prime motive behind cybercrime is making money and today s sophisticated criminal gangs have a range of techniques to help them steal from online banks and financial services. Whether using malware to manipulate legitimate transactions and divert cash into their own accounts, or combining social engineering and phishing to gain access to accounts, cybercriminals have several ways of robbing users of online banking services. There are two main threats: Account Take Over stealing a user s credentials and using them to take money from the account Transaction Tampering - changing transaction details, or creating a new transaction on behalf of the customer Kaspersky Fraud Prevention for Endpoints protects against the following: Credential theft Phishing Social engineering Data leak Web page modification (web-injects) Form Grabbing Keylogging Screenshotting Spoofing attacks Transaction tampering Man-in-the-Middle attack Remote Access Man-in-the-Browser attack 2. Fraud Prevention in action 2

3. Protection technologies 3.1 Anti-phishing Kaspersky Lab s anti-phishing system combines heuristic and cloud-based technologies with traditional off-line databases to ensure that even emerging, previously unseen threats are blocked. The rapidly-updated Cloud Anti-Phishing module contains masks of phishing URLs. New threats can be added within seconds of their detection, giving your computers protection against phishing sites that are not yet included in local databases. Whenever the user encounters a URL that is not in the local base, the system automatically checks it in the cloud. The heuristic web component of Anti-Phishing system is triggered when the user clicks a link to a phishing web page that is not yet included in Kaspersky Lab s databases. In addition, a comprehensive Offline Anti-Phishing database, stored on users devices, contains all the most widespread masks of phishing URLs. Phishing Kaspersky Fraud Prevention for Endpoints Image Analysis Engine Bank logo Fake site www Site address > Offline base of trusted sites > Offline base of phishing sites Kaspersky Security Network Fake mail login ****** Data form Heuristics Engine 3.2 Malware scan & removal Even if there is already malware on a user s computer, Kaspersky Fraud prevention can still protect online banking operations. As soon as it is installed, Kaspersky Fraud Prevention performs a system scan to find banking malware. Users are alerted to any problems and invited to delete the malicious file(s) and disinfect the machine. The solution runs an additional scan every time the protected banking browser starts up. CASE STUDY A large Russian bank found itself targeted by a piece of malware that automatically redirected its clients to a phishing page. Not only did this redirect trick users into handing their banking credentials to cybercriminals, it also made it impossible for them to access the bank s real website in future. Kaspersky Fraud Prevention successfully deleted the malware on clients computers, ensuring they could bank online safely in future. Kaspersky Fraud Prevention for Endpoints is compatible with all the most popular anti-virus applications, but the solution is only designed to find banking malware. It should not be used in place of a traditional anti-virus solution. 3

3.3 Protecting Internet connections Kaspersky Fraud Prevention doesn t just make sure that the computer is a safe environment for online banking, and that it is visiting a legitimate banking resource. It also ensures that no third party can interfere with the Internet channel between the bank and its clients. Every time a user logs on to an online banking session, Kaspersky Fraud Prevention verifies the website s security certificate by comparing with the reference certificate stored in the cloud-based Kaspersky Security Network. This check protects against Man-inthe-Middle attacks, and DNS and Proxy spoofing. Fraud Prevention checks the certificate Request for certificate Request for certificate Phishing website INFECTED Fake certificate Internet Sertificate from KSN Fake certificate Kaspersky Security Network If a suspicious certificate is detected, the system alerts the user. 4

3.4 Protection against browser threats Attacks on the product itself (termination, damage, modification, etc.) External browser Control Fraund Prevention for Endpoints Code injection Screenshotting OS Vulnerabilities Keyloggers 3.4.1 External Browser control attacks Kaspersky Fraud Prevention for Endpoints provides protection from browser control with messages to browser windows (so that third parties cannot gain remote access). 3.4.2 Code injection attacks Protection from loading of untrusted modules into browser process, verifying DLL signature locally and in-the-cloud (KSN). 3.4.3 Protection against taking snap shots Protection against screenshotting includes: Protects against screenshotting techniques Protects the window currently opened in the protected browser 3.4.4 OS vulnerabilities scan Dedicated updatable vulnerabilities database: Operating System Only Kernel Mode privileges escalation only 5

3.4.5 Secure keyboard When using the protected browser, Kaspersky Fraud Prevention for Endpoints secures all entry fields. Kaspesrky Fraud Prevention intercepts and processes all keystrokes through the KFP keyboard driver, thus preventing interception of input data by malware. Secure Keyboard can be used in Safe Browser and in regular browser windows. 3.4.6 Clipboard protection Restricts access to the clipboard for untrusted applications. 3.4.7 Self-protection Protects against modifications of Kaspersky Fraud Prevention for Endpoints: Windows registry keys Files Processes Threads 6

4. Endpoint management console The Kaspersky Fraud Prevention for Endpoints solution has a single console for easy management that benefits from deeper and broader contextual and correlated information about the user, the user s device, and the session. 4.1 Reporting dashboard EMC collects information from Kaspersky Fraud Prevention for Endpoints about the user s device, sessions and environment, as well as any attacks launched on the user s machine (phishing, mitb or mitm attacks, malware attacks) 4.2 Remote configuration of Kaspersky Fraud Prevention for Endpoints EMC provides management capabilities that can change Kaspersky Fraud Prevention for Endpoints settings remotely. 4.3 Statistical feed EMC has an integration point, which makes it possible to send statistics to internal transaction monitoring systems, increasing the detection rate and decreasing the number of false positives. 5. Implementation details Integration usually comprises 3 steps: 1. Customizing the solution in accordance with the bank s requirements to create a custom built online banking service. Kaspersky Lab s white-labelling approach makes it possible for a bank to create its own bespoke online user experience using its own logos, color schemes, typefaces and preferred layouts on the page. Desktop and system tray icons can also be customized exactly as the bank requires. 2. Configuring integration with the bank s internal systems. Kaspersky Fraud Prevention for Endpoints makes it possible to retrieve details of the product version and status when connecting to an online bank. This information is retrieved by a dedicated script, as described in the documentation. We recommend three main working scenarios, but every bank is free to choose how it uses the retrieved data. 3. The bank is then free to choose how to distribute the application among its clients, perhaps by checking whether Kaspersky Fraud Prevention is already running on users machines and inviting them to download KASPERSKY FRAUD PREVENTION if necessary. Alternatively the bank can choose another way of distributing the application. To conserve the bank s computing resources most of the application is stored on Kaspersky Lab s servers and accessed using a 2 MB downloader file handed to the bank during the implementation phase. Typically it takes about two weeks to complete the installation process. Kaspersky Lab s special implementation team is available throughout the installation to help integrate the solution with the rest of the bank s network and resolve any problems that might emerge. 7

Contact us to find out more: Kfp_hq@kaspersky.com http://www.kaspersky.com/business-security/fraud-prevention March15/ Global 2015 Kaspersky Lab ZAO. All rights reserved. Registered trademarks and service marks are the property of their respective owners.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback