ABN Amro has compensated four customers who lost cash
when hackers stole money from their accounts using a malware
phishing technique.
The hackers overcame the bank’s two-factor authentication system
by first sending the victims an e-mail containing an
attachment.
The bank’s customers opened the attachment which installed
malware on their machines. This malware changed the customers
browser settings, so when they tried to visit the ABN Amro site
they were instead directed to a spoof copy of the site.
They were then asked to log in in the usual way, along with a
temporary password supplied by their security token.
This information was then collected by the hackers to
simultaneously log into the real ABN Amro site to withdraw money
from their accounts.
ABN is using the fraud to try and educate its customers about
the threat to their online accounts.
It has said users should not open e-mails from people they don’t
know, and to use a personal firewall along with anti-virus
software.
The amount stolen from the ABN customer accounts has not been
disclosed.
ABN and Barclays staff brace themselves for merger
Axe falls on hundreds of IT jobs at ABN Amro
Comment on this article:
computer.weekly@rbi.co.uk