MessageLabs has warned that cyber criminals are surfing
into online banks alongside customers to steal their money in
response to the increased adoption of stronger
authentication.
Instead of stealing user names and passwords, the new
‘bank-stealing Trojans’ wait until their would-be victim has logged
into their bank account, then transfer their money out.
The bank-stealing Trojans are programmed to work with specific
online banking websites, and typically arrive in an email with an
apparently innocent web link - for example, to an online greeting
card. If the user clicks on it, they will download an executable
that installs itself into their browser and then waits until he or
she visits their bank site.
This new type of Trojan is on the rise and is currently No. 3 on
the list of most common threats, according to MessageLabs. The use
of remote control code to maintain networks of zombie PCs, or
botnets, and phishing scams top the list.
Even the largest, most sophisticated users admit that attacks
are a challenge to keep up with. Since 2002, Boeing has seen an
11,000% increase in the amount of malicious software stopped at its
gateways, with phishing a major problem.
David Perry, of anti-virus company Trend Micro, has warned that
lack of trust is now a serious concern, suggesting that if you get
an email from your bank, you’d think twice about opening it. It
raises the previously unthinkable prospect: that the number of
threats from viruses and spam could see the use of email decline,
to be replaced by other instant communication methods.