Cyber criminals have raided the accounts of thousands of British Internet bank customers in one of the most sophisticated attacks of its kind.No doubt the same thing is happening here in the US or will happen soon as bank security vulnerabilities are discovered and exploited.
The fraudsters used a malicious computer programme that hides on home computers to steal confidential passwords and account details from at least 3,000 people.
The Internet security experts M86, who uncovered the scam, estimate that at least £675,000 has been illegally transferred from the UK in the last month - and that the attacks are still continuing.
The new trojan virus can empty bank accounts without their owners knowing about the theft as it shows them fake statements. All the victims were customers with the same unnamed online bank, the company said.
TROJAN PROTECTION TIPS
- Make sure your anti-virus software is up to date.
- Keep firewalls set to the highest level.
- Never open an e-mail attachment from someone you don't know.
- Never double-click on an e-mail attachment that ends in .exe. It is an 'executable' file and can do what it likes in your system.
- If you think your machine has already been infected, contact your bank immediately. If the bank thinks you are a genuine victim of fraud it will reimburse you.
firewalls set to the highest level.
attachment from someone you don't know.
e-mail attachment that ends in .exe. It is an 'executable' file and can
do what it likes in your system.
already been infected, contact your bank immediately. If the bank thinks
you are a genuine victim of fraud it will reimburse you.
THE RISING THREAT OF TROJAN ATTACKS
- Attacks by ‘Trojan viruses’ are on the rise in all countries.
- Although up-to-date anti-virus software should prevent an attack, experts say an alarming number of people leave their computers vulnerable to cybertheft.
- Trojans are malicious programs that hide inside apparently harmless computer files.
- They can lurk on websites, online adverts or hitch a lift in emails.
- The Zeus v3 Trojan involved in the latest attacks hides in adverts that appear on legitimate websites.
- Each time someone clicks on the advertisement, the code is downloaded to their home computer where it lies dormant.
- The code only becomes active when the computer connects to a bank website when it starts to record account details, passwords and other confidential information.
- It checks to see if the account holds enough cash and then transfers up to $5,000 to a ‘mule’ account - a legitimate bank account held by a real customer.
- Owners of these mule accounts operate on the edge of the law and agree to transfer sums they receive to someone else, after taking a cut.
- By the time the police have investigated a Trojan attack, the recipient of the money has usually vanished without trace.
- Security experts say it is relatively easy to protect against Trojan attacks by installing anti-virus software and keeping it up to date.
- Computer owners should also make sure they have downloaded any updates of their operating software - usually Windows - and other programs such as Internet Explorer, Firefox and Adobe.
- People should also be alert to junk emails that pretend to be from banks, the Internal Revenue Service or online shops like Amazon and Ebay.
- The emails invite the unwary to click on a link to a webpage containing a Trojan.