Black Friday Shoppers Beware; Banking Trojans Are Targeting E-Commerce Sites

Written by Nitish Singh
Published on November 15, 2018

Kaspersky Lab has reported an increase in trojans affecting e-commerce websites and have also identified 14 malware families that are targeting e-commerce websites. Multiple traditional banking trojans have evolved over the years and are now targeting online shoppers. Modified trojans are capable of infecting devices, automate transactions, record video and steal payment card information.

According to Kaspersky Lab data, e-commerce trojan activity has increased from 6.6 million in 2015 to a projected 12.3 million in 2018. The current increase rate is over 10% over the past few years. Personal data is what most of the modern-day banking trojans are after, and many of them attempt to redirect users to phishing pages to steal data.

Banking Trojan Increase

Source: Securelist | Kaspersky Lab


Many of the popular trojans are capable of monitoring user activity, and after tracking browsing patterns, attackers target e-commerce websites and redirect users into phishing forms that look legitimate.

Approximately 67 consumer e-commerce websites are heavily targeted according to Kaspersky Lab, which includes 33 consumer apparel websites, 8 electronics websites, 3 telecoms websites, two online payment portals, and others. While attackers may not directly use the stolen payment card information, many people pay a high price for personal data. There are millions of entries in Google alone when searching for personal data, and dedicated dark web marketplaces exist for trading user data.

Europe is the most targeted region as of 2018 with America being a close second. Russia and other emerging markets like India follow soon after. Kaspersky recommends using an updated software solution to prevent malware. In addition to having software safeguards in place users are advised to not shop online from websites that are potentially dangerous or look “incomplete” despite being a trusted brand as they are very likely to be phishing attacks.

You should also avoid clicking on unknown links as they may initiate malware downloads or redirect to unsafe websites. Using hardware encryption keys can also serve as a means of protecting your online activity.

What do you think about the findings by Kaspersky Lab? Let us know in the comments below. Get instant updates on TechNadu’s Facebook page, or Twitter handle.

For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: