Salami Attacks: What Are They and How Can They Be Prevented?

New digital innovations, particularly when it comes to payment technology, have allowed businesses to operate more efficiently and improve the customer experience. But there have been some unintended, far less desirable consequences, too.

Salami attacks, a form of cybercrime targeting banks and financial institutions, are one example. Here’s what you need to know about this often-overlooked online attack that has become increasingly prevalent in recent years.

Related: 6 Ways We Shield Your Business From Ransomware

What is a salami attack?

Despite the name, a salami attack isn’t an onslaught brought on by a block of Italian sausage—although that would surely make headlines, as well!

These phishing attacks are instead serious invasions utilized by cybercriminals to target unsuspecting bank accounts. Hackers take small “slices” of money from random accounts, hence where the salami attack gets its moniker.

How does a salami attack work?

Hackers attempt to access accounts by trying hundreds of different routing and bank account combinations. Once they succeed in finding a valid account, they start to make
“micro-deposits” into their victims’ accounts. These small monthly charges are withdrawn from the victim’s bank and placed into accounts that the cybercriminal can access.

The idea is that since the charges are so small, users won’t notice them on their bank statements. But when hackers successfully deploy this criminal strategy across thousands of accounts, their earnings can begin to multiply quickly.

What are the ramifications of a salami attack?

When hackers experiment with random combinations of routing and bank account numbers, their odds of success are low—but they do get lucky and stumble upon valid accounts.

Banking information is highly confidential and extremely sensitive, so when this data falls into the wrong hands, trouble can arise. Your account could go from losing small amounts of money each month to being completely wiped clean.

How can I protect my account from salami attacks?

To protect your bank account from being impacted by a salami attack, users are urged to monitor their weekly transactions and monthly bank statements. By actively scanning through these activities, you can monitor any unauthorized charges that turn up on your account. Be sure to notify your bank of any concerns about suspicious charges that pop up on your account, no matter how small.

Related: Two-Factor Authentication (2FA) Uses, Benefits, and Requirements

As a bank, how can you train your team to prepare for cyberattacks?

Financial institutions around the globe are leading targets of cyberattacks. And with digital payments becoming the norm, protecting against salami attacks and other forms of cybercrime has become even more important.

Contact our Lume team today to learn more about the cybersecurity services we offer. We can even provide training to your organization on how to recognize and avoid phishing scams.

This blog was written by Lume’s Director of Professional Services Michael Hensley.