News

Clampi: Five free steps to protect your online banking

Cliff Saran

Internet users can follow five simple steps to avoid being caught out by the Clampi Trojan horse.

The malware steals bank details when people log into online banking sites, and transfers money out of their accounts.

Rik Ferguson, senior security advisor at Trend Micro, and author of the Countermeasures, security and privacy blog, recommends:

• Check your bank's liability policy to ensure you are covered. Sometimes banks stipulate that you must be running up-to-date anti-malware.

• Be wary of chip & Pin readers. Some banks offer chip & Pin readers for home users. But they are only safe if they prompt users to enter their Pin for each new transaction.

• Users who are really concerned that their main PC could be compromised should run a dedicated PC just for online banking. If this is too expensive, download the free VMware Player software, which allows you to run virtual machine on your main PC. This virtual machine is analogous to a separate PC, and enables the user to run a dedicated online banking session.

• Set up whitelists and blacklists to minimise the risk of visiting rogue websites.

• Firefox users should download the free NoScript tool, which prevents JavaScript and Flash programs from running. The tool gives a warning if a script attempts to run. You need to authorise it manually, but the plug-in maintains a list of scripts the user has confirmed are OK. The option is not available on Internet Explorer.

• Download Secunia PSI, another free tool, which inspects users' PCs for outdated software. Hackers are increasingly targeting applications, which, if not up-to-date, could enable them to take-over your PC. The PSI software lets you know if your PC needs updating.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy