ABN Amro has compensated four customers who lost cash when hackers stole money from their accounts using a malware phishing technique.
The hackers overcame the bank’s two-factor authentication system by first sending the victims an e-mail containing an attachment.
The bank’s customers opened the attachment which installed malware on their machines. This malware changed the customers browser settings, so when they tried to visit the ABN Amro site they were instead directed to a spoof copy of the site.
They were then asked to log in in the usual way, along with a temporary password supplied by their security token.
This information was then collected by the hackers to simultaneously log into the real ABN Amro site to withdraw money from their accounts.
ABN is using the fraud to try and educate its customers about the threat to their online accounts.
It has said users should not open e-mails from people they don’t know, and to use a personal firewall along with anti-virus software.
The amount stolen from the ABN customer accounts has not been disclosed.
Comment on this article: firstname.lastname@example.org