LET’S TALK ABOUT SALAMI ATTACK

Beloved Adejuyigbe
Jan 23, 2023

Banks are so guilty of this lately. A salami attack is a slicing tactic on a computer network whereby a group of hackers transfers small amounts of money from different client accounts to a personal account in such a way that it won't be noticed.

For instance, irregular service and SMS charges from banks are simply slicing tactics by attackers; this way, the deduction won't be questioned.

This sequence of small amounts taken from millions of bank accounts adds up to millions and, at times, billions, and it is difficult for systems to detect a salami attack when it intrudes on a financial network.

You might want to ask me: how does a salami attack work?

It's often buried in alerts and logs from the bank, so that the attack doesn't look suspicious to either the users or the financial entity.

This concealment makes it harder for banks and fintech startups to detect and stop this type of attack.

To test the waters and see how an organization reacts when suspicious activities occur and recur, the fraudster starts with a smaller amount, examining the bank's defense system and the users' response to such an attack. From there, the fraudster proceeds and plans a more complex attack on those banks and users that didn't react to the first attack.

This gives the fraudster some level of confidence and assurance to stay under the radar while they make bigger moves on those entities.

How then can a financial institution be saved from this form of attack?

- Use the Application Programming Interface (API) to fish out unusual activities and suspicious accounts.

- Put proper security measures into practice, like Identifications and Bank Verification Numbers.

- Scan for multiple accounts, using different verification means, e.g. fingerprinting, BVN, and face identification.

- Beware of giving out your bank details as an individual or clicking on malicious links that ask for sensitive information, like your bank app login credentials.

- Having different means of automated verification makes irregularities like salami attacks nearly impossible.

- There should be a limit to the number of bank accounts an end user can have as an individual and corporate entity.

- Transactions should be carried out only on accounts that are well verified.

- Any recurring malicious activities and transactions, like logging in on multiple devices or logging in frequently, should be flagged by the bank.

- Most importantly, safeguard your bank and card details as a user.
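
The following added example, which is not part of the original post, shows one way a bank could fish out the pattern described above from its own transaction data: many different accounts each sending a small amount to the same account within a time window. The ledger, account names, and thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def build_sample_ledger():
    """Constructed sample data: (timestamp, source, destination, amount)."""
    start = datetime(2023, 1, 1, 9, 0)
    ledger = []
    # 40 different customers each lose a tiny "charge" to the same account.
    for i in range(40):
        ledger.append((start + timedelta(minutes=i), f"CUST-{i:03d}", "ACCT-X", 0.50))
    # Ordinary traffic: two large transfers, and a small payee with few payers.
    ledger.append((start, "CUST-001", "ACCT-RENT", 450.00))
    ledger.append((start, "CUST-002", "ACCT-RENT", 450.00))
    for i in range(5):
        ledger.append((start + timedelta(hours=i), f"CUST-{i:03d}", "ACCT-SHOP", 0.80))
    return ledger

def find_salami_candidates(ledger, small_amount=1.00, min_sources=25,
                           window=timedelta(hours=24)):
    """Flag destination accounts that collect small amounts from many
    distinct source accounts inside one sliding time window."""
    by_dest = defaultdict(list)
    for ts, src, dst, amount in ledger:
        if 0 < amount <= small_amount:          # keep only the "slices"
            by_dest[dst].append((ts, src, amount))

    findings = {}
    for dst, rows in by_dest.items():
        rows.sort(key=lambda r: r[0])
        left, best = 0, None
        for right in range(len(rows)):
            # Advance the left edge until the span fits inside the window.
            while rows[right][0] - rows[left][0] > window:
                left += 1
            span = rows[left:right + 1]
            sources = {src for _, src, _ in span}
            if len(sources) >= min_sources and (
                    best is None or len(sources) > best["sources"]):
                best = {"sources": len(sources),
                        "total": round(sum(a for _, _, a in span), 2),
                        "first": span[0][0], "last": span[-1][0]}
        if best:
            findings[dst] = best
    return findings

if __name__ == "__main__":
    for account, info in find_salami_candidates(build_sample_ledger()).items():
        print(account, info)
```

Counting distinct sources rather than total value is what catches the slices: each deduction is too small to trip an amount-based alert on its own.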

As dangerous as salami attacks are to financial institutions and their credibility, we as individuals have roles to play in preventing this kind of attack on our credentials, and in most cases it is difficult for financial institutions to detect this kind of attack.

#beladactions
