subscribe: Daily Newsletter

 

Bank robbery 2.0

0 comments
There are very few technologies that have affected everyday lives as much as the Internet. Nowhere is this more apparent than with online banking, which allows customers to access their accounts, execute financial transactions or trade shares at any time of the day or night.
However, just as with any other service that involves large sums of money, criminals will attempt to make off with as much of the loot as possible, and in the Internet age, bank robbers no longer need cutting torches to get to customers’ money.
Banks have invested heavily in the security of their systems and effectively encrypted the communication channels from the customer to the bank. But, in reality, cyber-criminals can circumvent all these protection mechanisms by attacking the customer’s PC.
“In the world of bank robbery 2.0, perpetrators do not attack the banks. They infect online banking customers’ computers with intelligent computer malware called banking Trojans. Visiting an infected Web site is all it takes to infect the computer with this specialised malware.
“Once it has stolen the access data, this malware can actively intervene in the payment process and divert legitimate transactions to other accounts without being detected,” says Bruce Goodwill, sales director – EMEA, LATAM and Australia at AVG.
“If the browser has been manipulated by a banking Trojan, data is still transferred from the computer to the bank in an encrypted form, but it is not the data that the user actually entered in the browser.”
Due to the lack of communication about banking Trojans, users remain blissfully unaware of the risk, he says. Being aware, alert and working from an AV-protected PC within a safe network is a good start, but even the best educated IT security expert can fall victim to this malware, as it operates completely invisibly and requires no user involvement at all.
“This is why AVG Surf-Shield actively checks Web pages in real-time at the only time it matters – before you land on that page. If it detects something suspicious, it prevents you from visiting the site. Surf-Shield protects you both when you click a link to a Web page and every time you enter a Web address directly into your browser.
“The AVG Enhanced Firewall adds another layer of protection by defending against malicious attacks by examining communications on each network port. When the Firewall recognises an intrusion attempt, it will immediately block it and keep your private information safe from inbound attacks, as well as outbound attacks where malicious software takes control of your computer,” Goodwill explains.
“But nothing can beat common sense as a defence. Users should always be aware of the need to protect themselves, and ensure that they are visiting reputable sites, protect their passwords, and make sure their security software is constantly up to date.”