Question

An advisory practice was the target of an attack, whereby the malware allowed the fraudster to gain access to an adviser’s login details for all systems he had used recently. The fraudster now had access to every website or account that required a login. This included personal banking, platform desktop software, Xplan software and Facebook. The next time the adviser tried to log in to his platform desktop software, he was locked out. He rang our account executive team to report his access was locked. He couldn’t login, even though he was using his correct user name and password. The platform reset his password. The next day when the adviser tried again to login, he was locked out of the system again. It became obvious that the adviser’s user ID had been compromised. At this point, the user ID was deleted.

1. Identify the malware attack experienced in the above scenario

2. What recommendations would you provide for preventing such type of attacks? The recommendations should be discussed individually for the scenario and should not be a general list of recommendations

Answer 1

1.

Keylogger malware is the malware attack technique that can be used to steal login passwords and other confidential type data into system. This malware technical especially used for stealing user's id and password as this method works by tracking the user's keyboard stroke.

2.

Prevention in case when the attack is suspected by the user. In this case the user should immediately disconnect the system from internet connection and call the run the security software and check for malware or any threats. Network and system should be kept updated.

Prevention in case when the attacker is stealing money, immediately disconnect from the network, call banks, insurance, social media support and others as such to instruct them for blocking individual's account temporarily.

Also, arranging a security service firm immediately to eliminate and get rid of malware threat as soon as possible. The security firm may run various antivirus and other related toolkits to scan and fix the threat.

Network and system should have zero glitches and to be kept updated every time.

Filing a complaint about the incident can provide to get back the loss in some way.