Canadian banks top targets of malware, says report from Trend Micro

The Toronto-Dominion Bank was the most targeted Canadian brand by malware last year, according to a Trend Micro analysis of data gathered from customers of its products.

Senior threat researcher Natasha Hellberg wrote in a blog this week on the Canadian threat landscape that the second most predominately attempted brand of credential  attempted to be captured was the Bank of Montreal, followed by CIBC.


The most prominent threat in Canada is the OpenCandy adware toolbar, she writes. “Users are tricked into installing this onto their machine, which is then used to also download malware onto it. Adware, infostealers and banking Trojans make up the balance of the commonly seen threats in Canada for the month of November 2015. ”

There is one conspicuous difference between reported malware here and the U.S.: ransomware. “Although ransomware currently a leading threat in the US, we did not see it as a particularly common threat in Canada in November 2015.”

While Canada is not a significant hoster of malicious sites, she notes, unlike other countries, the ratio of malicious IP addresses and malicious domains hosted is almost 1:1. “This indicates that malicious domains in Canada tend to be hosted on only one IP address and don’t move around or use multiple ones at the same time, as they do elsewhere.”

As for the location of attacks, they overwhelmingly originate from the U.S. However, because attackers can place command and control software anywhere around the world I’m not sure that’s a reliable number.

Finally, the report notes that while it is not as large or well-developed as other underground communities, there is a viable underground community here.  “Unlike the US underground, it is primarily focused on the sale of fake/stolen documents and credentials. This includes both faked identification, such as driver’s licenses and passports, as well as stolen credit card and other banking information.   It also includes credit “fullz” (complete dumps of an individual’s personal information), which include an individual’s credit reports and even their Apple ID credentials.”

And here’s what someone would have been charged recently:

The report also notes that criminals are charging more for Canadian credit and debit card data than for comparable American information, perhaps because cards here include chip and pin technology that makes them harder to make use of.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now