MessageLabs has warned that cyber criminals are surfing into online banks alongside customers to steal their money in response to the increased adoption of stronger authentication.
Instead of stealing user names and passwords, the new ‘bank-stealing Trojans’ wait until their would-be victim has logged into their bank account, then transfer their money out.
The bank-stealing Trojans are programmed to work with specific online banking websites, and typically arrive in an email with an apparently innocent web link - for example, to an online greeting card. If the user clicks on it, they will download an executable that installs itself into their browser and then waits until he or she visits their bank site.
This new type of Trojan is on the rise and is currently No. 3 on the list of most common threats, according to MessageLabs. The use of remote control code to maintain networks of zombie PCs, or botnets, and phishing scams top the list.
Even the largest, most sophisticated users admit that attacks are a challenge to keep up with. Since 2002, Boeing has seen an 11,000% increase in the amount of malicious software stopped at its gateways, with phishing a major problem.
David Perry, of anti-virus company Trend Micro, has warned that lack of trust is now a serious concern, suggesting that if you get an email from your bank, you’d think twice about opening it. It raises the previously unthinkable prospect: that the number of threats from viruses and spam could see the use of email decline, to be replaced by other instant communication methods.