Now that the first victims of the Heartbleed web vulnerability…
Beware of Banking Trojans
Criminal gangs are after your money, and a few of them may be smart enough to get it.
Banking Trojans have been around since at least 2007 and they have become part of our everyday lives. In recent months, ZeuS Trojans have targeted to Finnish banks, resulting in financial losses for hundreds of customers. The success of these trojans has been startling and similar attacks are occuring around the globe.
How does a ZeuS Trojan work?
First, a trojan has to find a computer that is not fully protected. Once it infects a PC, the malicious software sits waiting until it is activated when a customer establishes an online connection to his or her bank.
When this happened to customers in Finland, they saw a message that said, “We are sorry, there is an error and we are working to fix it.” At that point the attack is a success. Personal information provided by the customers can then be exploited and cash transfers can then begin. Often customers do not even realize that they’ve been attacked until long after the transfers are made.
F-Secure’s Labs’ Threat Research Team has been investigating banking trojan cases for more than half of a decade. F-Secure’s Security Advisor Sean Sullivan says: “While Finnish banks have excellent safeguards and protections, we should remember that some of those protections are almost 20 years old. Cyber criminals have had plenty of time to work out new strategies.”
What can we do to protect ourselves?
Here’s Sean’s advice:
1) Don’t panic. It’s a real problem, but no more so than getting your pocket picked in the real world.
3) If you feel there’s something unusual about your online banking experience, call your bank and chat with their support. They are more than happy to help you!
CC image by: BFS Man