What is Salami attack?

In the world of cybercrime, not every attack is loud, destructive, or instantly visible. Some are quiet, precise, and designed to go unnoticed for months or even years. One of the most interesting examples of this is the Salami attack.

Just like slicing a salami into many thin pieces, this attack takes very small amounts from many transactions—so small that individual victims rarely notice—yet the attacker ends up with a substantial illegal gain.

A Salami attack is a cyber or financial crime in which a criminal carries out many small manipulations or deductions from a large number of accounts or transactions. Each individual alteration is insignificant, but when aggregated, the total becomes large and profitable for the attacker.

It is commonly used in:

• Banking and financial systems
• Billing and payroll software
• Online transaction platforms
• Interest, tax, or rounding-off systems

How Does a Salami Attack Work?

A typical Salami attack follows these steps:

• The attacker gains access to a financial or transaction-processing system
• They introduce a small change, such as:
  
  • Rounding off fractions of currency
  • Deducting a few paise/cents per transaction
• These small amounts are diverted to the attacker’s account
• The manipulation repeats automatically across thousands or millions of transactions

Because each deduction is tiny, it:

• Avoids detection systems
• Doesn’t trigger customer complaints
• Looks like rounding error or service fee

Why Salami Attacks Are Hard to Detect

Salami attacks are difficult to expose because they:

• involve microscopic amounts
• look like normal rounding
• often require insider access
• involve automated scripts
• hardly affect individual users noticeably

They are commonly linked to white-collar cybercrime and insider threats, especially by programmers or employees familiar with financial systems

How Organizations Can Prevent Salami Attacks

To defend against such subtle fraud, organizations must:

• enforce strict code reviews
• segregate developer and financial roles
• implement audit trails and logging
• regularly reconcile micro-transactions
• use anomaly detection tools
• monitor rounding and truncation processes
• limit insider access privileges

Ethical culture and periodic external audits are equally important.