"The cyber attacks they are constantly evolving to make the most of the trends occurring in the market. Since the mobile banking continues to gain space, we see more targeted attacks in this area, and Eurorgrabber is a prime example of this”. This is Gabi Reish, Head of Production at Check Point Software Technologies, the company that first, together with versafe, identified the bank fraud perpetrated by Eurograbber, software based on the "Zeus" trojan which in recent months has infiltrated the home-banking accounts of users from half of Europe, withdrawing sums between 500 and 250 thousand euros using the authentication processes via mobile phones as a "gateway" and computers arranged by banking institutions.
So far the names of the banks affected have not been leaked, the information is kept with caution to avoid negative consequences on the commercial level and on share prices, but analyzing the overall data it emerges that the spread of the virus started from Italy, and in Italy it has caused the greatest damage: of the thirty European banks involved, well sedici are tricolor and, out of the thirty thousand defrauded users on a continental level, 11.800 are resident in Italy. The total damage amounts to thirty-six million euros, of which sedici they were transferred by the virus, to foreign support accounts, starting from Italian accounts.
A predominantly local phenomenon, therefore, which cannot fail to give rise to some doubts about thereliability of online banking security systems, an increasingly widespread phenomenon in the boot but which must recover a significant diffusion gap - and therefore, probably, also of technological innovation and reliability -, compared to foreign competition. It is probably no coincidence that the "virulence" of Eurograbber is greater in Italy: in the retail credit market the "digital divide" compared to abroad becomes evident: even if Italy stands out - in the use of home banking - on the continental average, with 40% of users using their bank's internet portals (of these, 10% only use the internet to access them), the more advanced Nordic countries boast much higher percentages, from the Dutch 66% to 60% of France, while Sweden stops at 56%. However, if viewed in historical terms, the growth of internet banking in Italy (measured from 2005) was 70%.
A rapid growth, but the attention to safety, evidently, has not galloped as quickly. And it must be said that if no Italian business sector is immune from a substantial technological delay, this is equally true for users, who often suffer from a certain cultural backwardness in adapting to technological processes, which make life easier not only for the "housewife of Voghera", but also for organized crime.
How to cope with the pitfalls of the digital society? “Common sense is essential, and is the basis of one's personal safety, together with information. The user should keep himself informed, reading the communications on the subject of security that every bank is required to provide”, he comments David Gubiani, technical manager of Check Point Software Italia, the tricolor detachment of Check Point Systems Inc, a leading network security company listed on the New York Stock Exchange. Gubiani specifies that sometimes it would be enough "to put into practice some simple precautions which help to greatly reduce the risk to which one is exposed: Do not carry out home banking operations from public PCs, equip yourself with security tools basics such as antivirus and antispyware. But also frequently update your systems since attacks almost always exploit existing vulnerabilities. Always have an operating system updated, whether we are talking about computers or smartphones, and updated security software, greatly reduces the chances of any infection".
Service providers can - and should - also lend a hand, equipping themselves with platforms capable of dealing with all aspects of the security chain. However, customer training and information remains fundamental: "if users are not aware of the risks they run and do not behave in such a way as to avoid them - concludes Gubiani - they put even the most robust corporate infrastructure at risk”.
