KASPERSKY FRAUD PREVENTION FOR ENDPOINTS



Similar documents
Kaspersky Fraud Prevention: a Comprehensive Protection Solution for Online and Mobile Banking

KASPERSKY PRIVATE SECURITY NETWORK: REAL-TIME THREAT INTELLIGENCE INSIDE THE CORPORATE INFRASTRUCTURE

Five Trends to Track in E-Commerce Fraud

Protect Your Business and Customers from Online Fraud

Advanced Endpoint Protection Overview

KASPERSKY FRAUD PREVENTION PLATFORM COVERING ONLINE AND MOBILE BANKING RISKS

Trusteer Rapport. User Guide. Version April 2014

KASPERSKY DDOS PROTECTION. Discover how Kaspersky Lab defends businesses against DDoS attacks

Kaspersky Security for Mobile

Securing Your Business s Bank Account

Operation Liberpy : Keyloggers and information theft in Latin America

How McAfee Endpoint Security Intelligently Collaborates to Protect and Perform

Latest Business Compromise Malware Found: Olympic Vision

Prevent Malware attacks with F5 WebSafe and MobileSafe. Alfredo Vistola Security Solution Architect, EMEA

Kaspersky Internet Security

Kaspersky Anti-Virus 2013 User Guide

Best Practices for Deploying Behavior Monitoring and Device Control

User Guide for the Identity Shield

The Key to Secure Online Financial Transactions

BEST PRACTICES. Security Controls.

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES.

User Guide for PCs. SecureAnywhere AntiVirus SecureAnywhere Internet Security Plus SecureAnywhere Complete Endpoint Protection

Transaction Anomaly Protection Stopping Malware At The Door. White Paper

isheriff CLOUD SECURITY

Top 10 Anti-fraud Tips: The Cybersecurity Breach Aftermath

Kaspersky Endpoint Security 8 for Windows and Kaspersky Security Center

BEST PRACTICES. Systems Management.

What Do You Mean My Cloud Data Isn t Secure?

Kaspersky Internet Security User Guide

Security Intelligence Services.

Security Evaluation CLX.Sentinel

Securing Secure Browsers

WildFire. Preparing for Modern Network Attacks

Advanced Persistent Threats

Protecting Online Customers from Man-inthe-Browser and Man-in-the-Middle Attacks

Kaspersky Small Office Security User Guide

BEST PRACTICES. Encryption.

Kaspersky Fraud Prevention platform: a comprehensive solution for secure payment processing

IBM Security re-defines enterprise endpoint protection against advanced malware

BEST SECURITY PRACTICES IN ONLINE BANKING PLATFORMS

How To Protect Your Online Banking From Fraud

10 Things Every Web Application Firewall Should Provide Share this ebook

Kaspersky Security. for Virtualization 1.1 and Trend Micro Deep. Security 8.0 virtual environment detection rate and performance testing by AV-Test

Protecting Against Online Fraud with F5

Where every interaction matters.

WEB PROTECTION. Features SECURITY OF INFORMATION TECHNOLOGIES

STATISTICS ON BOTNET-ASSISTED DDOS ATTACKS IN Q1 2015

Kaspersky Total Security User Guide

Getting Started Guide

Kaspersky Security 9.0 for Microsoft SharePoint Server Administrator's Guide

Kaspersky Anti-Virus 2012 User Guide

WEB SECURITY CONCERNS THAT WEB VULNERABILITY SCANNING CAN IDENTIFY

Online Payments Threats

escan Comparison (Enterprise, Corporate, SMB, SOHO)

SMALL BUSINESS IT SECURITY PRACTICAL GUIDE

Advancements in Botnet Attacks and Malware Distribution

Kaspersky Endpoint Security 8 for Linux INSTALLATION GUIDE

FISMA / NIST REVISION 3 COMPLIANCE

KASPERSKY DDoS PROTECTION. Protecting your business against financial and reputational losses with Kaspersky DDoS Protection

Sophos Computer Security Scan startup guide

How CA Arcot Solutions Protect Against Internet Threats

Layered security in authentication. An effective defense against Phishing and Pharming

Cloud Attached Storage 5.0

Trend Micro OfficeScan Best Practice Guide for Malware

Getting Ahead of Malware

ESET Endpoint Security 6 ESET Endpoint Antivirus 6 for Windows

Kaspersky Security 10 for Mobile Implementation Guide

Anti-Phishing Best Practices for ISPs and Mailbox Providers

Remote Deposit Quick Start Guide

Kaspersky Endpoint Security 10 for Windows Administrator's Guide

KASPERSKY SECURITY INTELLIGENCE SERVICES 2015

White paper. Phishing, Vishing and Smishing: Old Threats Present New Risks

Guideline on Auditing and Log Management

Technical Product Overview. Employing cloud-based technologies to address security risks to endpoint systems

Feature List for Kaspersky Security for Mobile

Product Guide. McAfee SaaS Endpoint Protection (October, 2012 release)

OIG Fraud Alert Phishing

FRAUD ALERT THESE SCAMS CAN COST YOU MONEY

Securing mobile devices in the business environment

Overview of computer and communications security

ONLINE AND MOBILE BANKING, YOUR RISKS COVERED

Best Practice Configurations for OfficeScan (OSCE) 10.6

Course Content: Session 1. Ethics & Hacking

Security Threat Kill Chain What log data would you need to identify an APT and perform forensic analysis?

Kaspersky Security 9.0 for Microsoft Exchange Servers Administrator's Guide

Transcription:

KASPERSKY FRAUD PREVENTION FOR ENDPOINTS www.kaspersky.com

2 Fraud Prevention for Endpoints KASPERSKY FRAUD PREVENTION 1. Ways of Attacking The prime motive behind cybercrime is making money, and today s sophisticated criminal gangs have a range of techniques to help them steal from online banks and financial services. Whether using malware to manipulate legitimate transactions and divert cash into their own accounts, or combining social engineering and phishing to gain access to accounts, cybercriminals have several ways of robbing users of online services. There are two main threats: Account take over stealing a user s credentials and using them to take money from the account Transaction tampering changing transaction details, or creating a new transaction on behalf of the customer These cybercriminal objectives are generally achieved through a combination of techniques, including: Credentials theft Phishing Web page modification (web-injects) Form grabbing Keylogging Screenshotting Spoofing attacks Transaction tampering Man-in-the-middle (MITM) attacks Remote access Man-in-the-browser (MITB) attacks

3 Fraud Prevention for Endpoints 2. Fraud Prevention in Action 1 Malware 2 3 4 Browser anti-phishing Fake online 2.1 Malware scan and removal Security Network, site URL, heuristics E-mail, social networks Phishing page Even if there is already malware on a user s computer, Fraud Prevention can still protect online operations. As soon as it is installed, Fraud Prevention performs a scan to find malware. Users are alerted to any problems and invited to delete the malicious file(s) and disinfect the machine. The solution runs an additional scan every time the protected browser starts up. Man-inthe-middle Man-inthe-browser Man-in-the-

4 Fraud Prevention for Endpoints Security Network, site URL, heuristics CASE STUDY E-mail, social networks A large Russian bank was targeted by a piece of malware that automatically Phishing redirected its clients to a phishing page. page Not only did this redirect trick users into handing their credentials over to cybercriminals, it also made it impossible for them to access the bank s real web site. Fraud Prevention successfully deleted the malware on clients computers, ensuring they could bank online safely in future. Fraud Prevention for Endpoints is compatible with all leading anti-malware software, and is designed purely to find malware. It should be used to complement, not replace, a traditional anti-malware solution. 2.2 Protecting Internet connections Man-in-themiddle Valid certificate Fake certificate DNS proxy spoofing Fake online Security Network original site certificate Fraud Prevention doesn t just make sure that the computer is a safe environment for online, and that it is visiting a legitimate resource. It also ensures that no third party can interfere with the Internet channel between the bank and its clients.

5 Fraud Prevention for Endpoints Every time a user logs in to an online session, Fraud Prevention verifies the Security website s Network security certificate by comparing it with the reference certificate Site udress, stored Heuristic in the cloud-based Security Network. This check protects against man-in-the-middle attacks, and DNS and proxy spoofing. E-mail, social If a suspicious network certificate is detected, the alerts the user. Phishing 2.3 Protection against browser pagethreats Man-in-themiddle BROWSER CONTROL 2.3.1 EXTERNAL ATTACKS Fraud Prevention for Endpoints provides protection from browser control with messages to browser windows (so that third parties cannot gain remote access). Valid certificate Security Network Original site certificate Fake certificate 2.3.2 CODE INJECTION ATTACKS DNS Proxy Spoofing Fake Protection from the upload of untrusted modules into browser process, verifying DLL signature locally and in the cloud (KSN). 2.3.3 PROTECTION AGAINST SNAPSHOTS Protection against snapshots includes: Protects against screenshotting techniques Protects the window currently opened in the protected browser

6 Fraud Prevention for Endpoints 2.3.4 OS VULNERABILITIES SCAN Dedicated updatable vulnerabilities database: Operating only Kernel mode privileges escalation only 2.3.5 SECURE KEYBOARD When using the protected browser, Fraud Prevention for Endpoints secures all entry fields. Fraud Prevention intercepts and processes all keystrokes through the KFP keyboard driver, thus preventing the interception of input data by malware. The Secure Keyboard can be used in Safe Browser and in regular browser windows. 2.3.6 CLIPBOARD PROTECTION Restricts access to the clipboard for untrusted applications. 2.3.7 SELF-PROTECTION Security Network Site udress, Heuristic Phishing page Protects against modifications to Fraud Prevention for Endpoints: Windows registry keys Files Processes Threads 2.4 Browser anti-phishing Man-in-themiddle Lab s Anti-Phishing combines heuristic and cloudbased technologies with traditional off-line databases to ensure that even emerging, previously unseen threats are blocked.

7 Fraud Prevention for Endpoints The rapidly-updated Cloud Anti-Phishing module contains masks of phishing URLs. New threats can be added within seconds of their detection, protecting your clients computers against phishing sites that are not yet included in local databases. Whenever the user encounters a URL that is not in the local base, the automatically checks it in the cloud. The heuristic web component of the anti-phishing is triggered when the user clicks a link to a phishing web page that is not yet included in Lab s databases. In addition, a comprehensive off-line anti-phishing database, stored on users devices, contains all the most widespread masks of phishing URLs. 3. Fraud Prevention Console For easy management, the Fraud Prevention for Endpoints solution uses a single console that provides deeper and broader contextual and correlated information about the user, the user s device, and the session. 3.1 Reporting dashboard The console collects information from Fraud Prevention for Endpoints about the user s device, sessions and environment, as well as any attacks launched on the user s machine (phishing, MITB or MITM attacks, malware attacks). 3.2 Remote configuration The console provides management capabilities that can change Fraud Prevention for Endpoints settings remotely. 3.3 Statistical feed The console has an integration point, which makes it possible to send statistics to internal transaction monitoring s, increasing the detection rate and decreasing the number of false positives.

8 Fraud Prevention for Endpoints 4. Implementation Details Integration usually comprises three steps: 1. Customizing the solution in accordance with the bank s requirements to create a custom-built online service. Lab s whitelabelling approach makes it possible for a bank to create its own bespoke online user experience using its own logos, color schemes, typefaces and preferred layouts on the page. Desktop and tray icons can also be customized as required. 2. Configuring integration with the bank s internal s. Fraud Prevention for Endpoints makes it possible to retrieve details of the product version and status when connecting to an online bank. This information is retrieved by a dedicated script, as described in the documentation. We recommend three main working scenarios, but every bank is free to choose how it uses the retrieved data. 3. The bank is then free to choose how to distribute the application among its clients, perhaps by checking whether Fraud Prevention is already running on users machines and inviting them to download Fraud Prevention if necessary. Alternatively the bank can choose another way of distributing the application. To conserve the bank s computing resources, most of the application is stored on Lab s servers and is accessed using a 2MB downloader file handed to the bank during the implementation phase. Typically, it takes about two weeks to complete the installation process. Lab s special implementation team is available throughout the installation process to help integrate the solution with the rest of the bank s network, and to resolve any problems that might emerge. Contact us to find out more: KFP@kaspersky.com http://www.kaspersky.com/business-security/fraud-prevention Twitter.com/ Facebook.com/ Youtube.com/ Lab, Moscow, Russia www.kaspersky.com All about Internet security: www.securelist.com Find a partner near you: www.kaspersky.com/buyoffline Fraud Prevention for Endpoints Whitepaper August 2015 GL 2015 Lab. All rights reserved. Registered trademarks and service marks are the property of their respective owners.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information