In our previous blog, we highlighted how fraudsters conduct reconnaissance for fraud activities. 

While banking malware, trojans, worms, and botnets such as Zeus Panda, Ramnit and Trickbot have typically been used to infect consumer PCs in order to collect personal data and online login credentials, including banking sites, not all weaponization is malware-related.

Building on our series on the adversarial mindset, fraudsters will identify a target based on the ease and speed with which they are able to monetize their fraudulent activities.

Many of the reconnaissance steps involve a threat actor learning how a company conducts their business, and oftentimes,  fraudsters end up understanding the business almost as well as the company and its employees do.