See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/347441140

CYBER ATTACKS IN THE BANKING INDUSTRY

Preprint · December 2020

DOI: 10.13140/RG.2.2.16664.01282

CITATIONS READS

0 1,601

2 authors, including:

Adharsh Manivannan
Bournemouth University
2 PUBLICATIONS   1 CITATION   

SEE PROFILE

Some of the authors of this publication are also working on these related projects:

cyber crime in banking View project

All content following this page was uploaded by Adharsh Manivannan on 17 December 2020.

The user has requested enhancement of the downloaded file.

 CYBER ATTACKS IN THE BANKING
INDUSTRY
Adharsh Manivannan Dhatchina Moorthy
Faculty of Science and Technology
Bournemouth, United Kingdom
[email protected]

ABSTRACT These tones were going to be imitated by them to

make free calls. Before the 1980s, there was still no
The integral activity of our early twenty-first real cybercrime. One entity has hacked the computer
century was revolutionized in the era of of another person to locate, copy, or exploit personal
globalization by Internet banking or online data and information. Ian Murphy, also known as
banking. Man has built various means of contact Captain Zap, was the first person to be found guilty
that are of great importance to him as a social of cybercrime and it occurred in the year 1981 To
being for exchanging information, thoughts, and control the inner clock, he had compromised the
knowledge. The advancement of e-banking American telephone corporation So that customers at
technology makes the job very simple; with a click, peak hours could still make free calls. Hackers,
banking transactions are very fast. Internet however, have persisted in distinct ways over time.
banking and mobile banking make banking fast While telecommunications providers were the very
and convenient daily. Online and mobile banking, first target, it soon followed banks, online stores, and
however, is never 100 percent secure. This study even private individuals Online banking is very
paper seeks to investigate the most current popular today, and it offers a major opportunity as
scenarioof online banking and cyber-attack. We well. Hackers can, for instance, copy log-in codes
focus on cyber-crimes connected to online and addresses or retrieve credit card and bank
banking in this paper and new methods employed account passwords. The effect is that one can either
by hackers. This paper also identifies the empty accounts or make payments online from
emerging online banking-related cybercrime someone else's account (Soni 2019)Cybercrime is
from various journals and news articles. The one of the world's most prominent and most involved
report largely focuses on information available formsof crime. The internet is after all, available to
from the secondary source of data. When dealing everyone and that of course includes risks. It is
with online financial systems, this paper unsafe to commit a criminal offense using a machine
thoroughly analyses and explores the or other system linked to the web and the identity of
consequences of cyberattacks. The study the suspect is difficult to figure out. From phishing
concludes that there is a need to raise and investment fraud to ID theft and extortion,
consciousness among consumers about the cybercrime can take several forms. To date, since
presence of cybercrime in the handling of online the lockout began, more than £5 m has been lost to
banking and confidential financial data and how coronavirus-related scams and £16 m has been lost to
to defend themselves against these external online retail fraud. The bulk of coronavirus-related
challenges. fraud includes online sales of personal protective
equipment (PPE), such as face masks, that never
Keywords— cyber-crimes, cyber-attacks, arrive. To persuade the user to open links or
mobile banking, online banking, hacking. attachments to get them to share personal or financial
details, offenders have even submitted phishing
INTRODUCTION emails and texts pretending to be from the army,
HMRC, and health bodies.[9]
Banking has been one of the most fundamental
institutions in any country and the protection of the 1. PROBLEM STATEMENT
customers of banks is paramount for the well- Cybercrime is a major problem in this world
functioning of the country. Banks have been subject and mostly all banking organizations rely on the
to numerous risks. The development of computers internet. Cyber-attacks have become an easy option
has made a great impact in the banking sector for cybercriminals to access other confidential data
however along with it grew the different ways people through the internet, normally hackers are targeting
would fall prey to different attacks. . The spectacular customer's data and funds, as well as the bank's core
growth in cybercrimes is the main problem for systems. These cyber-attacks are commonly done by
financial institutions in the 21st century. Criminals malware and phishing. Cybercriminals are targeting
occasionally committed crimes via telephone linesat banks because their data is more valuable, normally
the start of the 1970s. The suspects were called cybercriminals obtain their customer data from social
Phreakers and found that, depending on those networks like Facebook. Almost 97% of the
sounds, the telephone system in America worked. population in the United Kingdom holds a bank

Page | 1
 account with online banking facilities, this plays a c. Transfer Money Between Accounts:
major role in cybercrime. One-third of the cyber-
attacks were fruitful for the attacker who hit on This is one of the best features in online banking we can
financial services. Almost £671 million has been transfer money to our family, friends so easily and, we can
reported as missing due to the card fraudulent attacks transfer money all over the world.
in the UK. Criminals are also learning new d. Online Banking in Mobile Application.
technologies to make cyber-attacks. As the world
becomes digital, security measures must update Most of the bank offers a mobile app to access their online
frequently.[11] banking from this you can transfer money and can use for
shopping. Now some merchants are giving discounts
while paying by banking applications. [1]
2. LITERATURE REVIEW
4. Types of Cyber Attacks
Cybercrime in the Banking Sector
Mostly all the fraudulent attacks have revolved • Denial-of-service (DoS)
around ATM, Money Laundering, Credit Card fraud. • Phishing
The main aim of these attacks is to take over the
user’s bank accounts and funds in such a way the • Malware
attacker occupies the funds without proper • Spam emails
knowledge of the user. Some of the ways to take
control ofthe user's account are explained in the next
• Man-in-the-middle attack
section. In some situations, to enter banks and steal a • Spamming
large amount of money, cybercriminals use banking • Spyware
passwords such as PIN, password, certificates, etc.
while in other circumstances, they may try to steal
all the money and transfer the funds into mule
accounts. Cyber attackers often aim to damage the
bank's reputation and then block bank servers so that
consumers are unable to access their accounts. [7]
Online crimes mostly occur from the nuisance
caused by amateur hackers. This paper also looks at
the data of online crime and many problems.
Problems that banks and police forces face in
controlling traditional law enforcement.[9] The
analysis of this paper shows that significant
improvements are possible in the way of dealing with
online fraud and to study online crime it is suggested
that to understand its economic perspective [8]
Fig:1 Cyber Attacks
3. IMPORTANCE OF INTERNET IN
CYBERCRIME:
4.1 Denial-of-service (DoS):

Most banks offer web-based financial administrations This attack is performed over the network user's
that enable you to pay your bills, transfer cash, and computer to make it inaccessible to the user by
access a record of your financial records exchanges flooding them with messages to trigger the crash.
from your Internet Banking. at any time of the day or
night, makes everything you do with your finances a 4.2 Phishing:
bit easy [5]
a. Pay Your Bills Online: Phishing is the process of acquiring the username and
password of the user without his knowledge. These
From internet banking, you can pay all bills like house user login details can be anything like a bank account
rent, credit card bills, and electric bills, etc through online or social media login credentials.[3]
banking. There are some options for automatic payments
also it will be helpful for all people in their busy work
some people forgot to pay their bill they can use this 4.3 Malware:
automatic bill payment in online banking.
Malware is a type of software that spreads viruses
b. View Your Transactions: through devices to other computers to crash the
system. This can also crash remotely connected
Online banking allows you to access your recent and all
network computers.[11]
transactions are done through your account. It also enables
you to find out any unauthorized transition quickly it is
easy to solve your problem immediately with the help of
online banking.

Page | 2
 4.4 Spam emails: mobile phone, he can access our mobile
banking also and initiate multiple levels of
Spam emails are emails that are pushed inside the cybercrime.[16]
user’s mail account without prior permission. It can
be junk advertisement postings or anything VI. In the first half of 2020, a total of £207.8
inappropriate to the user. [3] million was lost to authorized push payment
fraud, and losses to unauthorized fraud, in
contrast, fell by eight percent in the first half of
4.5 Man-in-the-middle attack: this year to £374.3 million, with the banking
and finance industry preventing £853 million
In this attack, a malevolent actor acts as a middleman
of attempted unauthorized fraud. This was
between the transaction between two parties and
equivalent to losses seen in the same period in
gathers the information, and uses it against the users
2019.
to gain access.
6. CYBERCRIME STATISTICS:
4.6 Spamming

Spamming is a method of messaging system to send The capital city of the United Kingdom,
a spam message to many recipients for advertising [1]. London is one of the common centers for the
global economy and it is the fifth-largest
4.7 Spyware national economy worldwide. UK banking
sector is dominated by some large banks like
It is malicious software installed in a user’s computer
HSBC, Barclays, Royal Bank of Scotland these
without their knowledge hacker can access all the
files and their stored file in the system. [4] banks are more safest banks but nowadays
improvement of the internet takes us to lose our
5. CYBERCRIME CASES IN UK: money through online banking.

Cybercrime is one of the biggest risks in the financial • The largest value of online banking
sector losses in the UK in the year 2015 is
133.5 million pounds when we
I. A widely-held suspicion that UK banks are
covering up the true scale of cybercrime has compare this to the year 2014 there is
been confirmed by the City of London Police a dramatic change in losses of money.
chief Adrian Leppard, who says that up to 80%
of online crime goes unreported to the • In banks, we have a lot of security, but
authorities.[15] we are losing a lot of money. In the
year 2019 remote banking fraud was
II. The research shows that the average amount the largest type of financial fraud
taken after a security breach was £544 and, some of the other financial fraud is
based on this, the website estimates that over through card payment.
£1bn has been stolen as a result of credit or
debit card fraud in the past year. • In 2019 criminals in the UK, they
III. The number of people canceling cards in the managed to steal like 1.28 billion
UK hit 5.2 million in the last year, up from 4.5 pounds. Almost half of the financial
million in the year to September 2016, [14] fraud is completed by credit card
fraud.
IV. Bank branch staff worked with the police to
stop £19 million of fraud in the first half of
2020 through the Banking Protocol. The Online Banking Losses in UK
Banking Protocol is a UK-wide scheme that
enables bank branch staff to alert their local 160
133.5
Value In Million GBP

police force when they suspect a customer is 140 121.2 123

111.8
being scammed. Police will then visit the 120 101.8
branch to investigate the suspected fraud and 100 81.4
arrest any suspects still on the scene. £19.3 80 63.7
51.2 57 58.8
million of fraud was prevented and over 100 60
arrests were made through the scheme between 40
January and June 2020. The latest figures mean 20
the scheme has prevented victims from losing a 0
total of £116 million of fraud and led to 744
arrests since it was first introduced three years
ago by UK Finance, National Trading
Standards, and local police forces.[13]
Fig:2 Banking fraud losses in the UK
V. In the UK more than 60% of fraud comes from
mobile devices and 80% comes from a mobile
application. If cybercriminals access your

Page | 3
 7. TECHNOLOGY TO IMPROVE BANK: phishing and trojans. This vulnerability and the
information gap between the banks and their
customers have opened a dark avenue for
Technologies used to maintain a security system in the hackers to steal data as well as wealth. There is
banking sector no doubt regarding the technological
advancementin this field, as banking is one of
7.1 Firewall for Banking application: the most sought sectors in the economy and
there will be constant updates to the software in
A firewall is a barrier between the internet and your use the bank is responsible to ensure that their
computer or network. Using a firewall, you can secure client’s data is in a safe environment and
your system from a hacker. Some of the viruses are constant update to the software in use. The user
spread through the internet that can block by a should change the password every 3 months;
firewall. There are two types of firewall however, Banks are responsible to ensure that
the user is changing to a strong password. The
• Personal firewall bank should use the concept of a trusted device
• Hardware firewall to ensure the identity of the user while a user is
logging on. If the user tries to log in from an
a) The disadvantage of firewall in bank unauthorized device bank should send an SMS
alert to confirm with the customer. Finally,
Banks use the same firewall used in companies people must be aware of their credentials and
firewall do not do much. last seven years no one adds ensure that it is not misused, special efforts must
any updates to the firewall. be made by banks to spread awareness and
ensure that the customers do not fall prey to the
scams. These measures can increase
cybersecurity in the banking sector.
7.2 Two-factor authentication:

Banks have introduced a multilayer approach to online References

banking login under a new method of strong customer
authentication (SCA). Weak login details can be stolen
easily from social media like name, address, phone [1] Datta, P., et al. (2020). A Technical Review
number, etc and if the hacker penetrated the first layer
of defense, they would have to access the sensitive
Report on Cyber Crimes in India. 2020 International
data of customer like payment history or banking card Conference on Emerging Smart Computing and
number and many banks are using a method of sending Informatics (ESCI).
password via message.
[2] Datta, P., et al. (2020). Security and Issues of M-
Banking: A Technical Report. 2020 8th
8. METHODS TO PROTECT FROM CYBER International Conference on Reliability, Infocom
ATTACKS: Technologies and Optimization (Trends and Future
• Use a secured network while using online Directions) (ICRITO).
banking or banking application
[3] Dhoot, A., et al. (2020). A Security Risk Model
• Create a strong password for online banking
for Online Banking System. 2020 Systems of
• Change your password regularly and ensure Signals Generating and Processing in the Field of on
it is a strong password Board Communications.
• Remove personal information from social
media [4] Gunjan, V. K., et al. (2013). A survey of
cybercrime in India. 2013 15th International
• Check your account regularly Conference on Advanced Computing Technologies
• Do not open emails from an unknown (ICACT).
source as they may contain viruses
[5] Rawandale, C. J., et al. (2018). “Banking on
Online Banking”. 2018 International Conference On
9. CONCLUSION
Advances in Communication and Computing
Internet banking has become one of the fastest Technology (ICACCT).
and easy ways of banking. It is estimated that 1
in 4 people can likely be a victim of a [6] Ronchi, C., et al. (2011). Security, privacy and
cyberattack. Such is the risk present in this efficiency of Internet banking transactions. 2011
industry, the financial sector must be always
World Congress on Internet Security (WorldCIS-
aware of the ever-growing threat in the cyber
world. With the growth of technology, many 2011).
individuals have been left in the dark regarding
modern-day advancements in technology [7] Claessens, J., Dem, V., De Cock, D., Preneel,
making them vulnerable to cyber-attacks like B. and Vandewalle, J., 2002. Onthe Security of

Page | 4
 Today’s Online Electronic Banking Systems. [15]https://www.finextra.com/newsarticle/27226/u
Computers& Security, 21 (3), 253-265. k-banks-covering-up-cybercrime-losses---city-of-
london-police
[8] Moore, T., Clayton, R. and Anderson,
R., 2009. The Economics of Online [16] https://www.dataconnectors.com/technews/21-
Crime. Journal of Economic Perspectives, terrifying-cyber-crime-statistics/
23 (3), 3-20.
[17]https://www.statista.com/statistics/326169/unit
[9] Ali, L., Ali, F., Surendran, P. and Thomas, B., ed-kingdom-uk-online-banking-losses/
2017. The effects of cyber threatson customer’s [18] https://www.ukfinance.org.uk/policy-and-
behaviour in e-Banking services. International guidance/reports-publications/2020-half-year-
Journal of e-Education, e-Business, e- fraud-report
Management and e-Learning, 7 (1), 70-78
[10] Gupta, B., Agrawal, D. P. and Yamaguchi,
S., 2016. Handbook of research on modern
cryptographic solutions for computer and cyber
security. IGI global.

[11] Raghavana, A. R. and Parthiban, L., 2014.

The effect of cybercrime on a Bank’s finances.
International Journal of Current Research &
Academic Review,2 (2), 173-178.

[12] Soni, V. D., 2019. Role of Artificial

Intelligence in Combating Cyber Threats in
Banking. International Engineering Journal For
Research & Development, 4 (1), 7-7.

[13] https://www.actionfraud.police.uk/news/bank-
branch-staff-and-police-team-up-to-stop-19-
million-of-fraud-in-first-half-of-2020
[14] https://www.independent.co.uk/topic/cyber-
crime?CMP=ILC-refresh

Page | 5

View publication stats