Attacks Pertaining to Theft of Personal Banking Data on the Rise

Security Company F-Secure is warning computer users worldwide about attacks that are increasingly targeting users' personal online banking data. The attacks are said to use malicious codes of a new generation and a method called 'Man in the Browser'.

Criminals on the Internet have been always finding ways to capture banking and other personal details of users on the Web. The techniques that these criminals use are also getting sophisticated so that they can adapt to the new security solutions progressively growing in sophistication. Online crime began with software called 'keyloggers' that retrieved the information typed on the keyboard of a computer, and then moved on to more complex techniques such as pharming and phishing.

The technique 'Man in the Browser' involves the fraudster purporting to be the bank's Website and then tapping the data that the user enters on the site. With this data, the fraudster then accesses his unwary victim's bank account on the real site.

Chief Research Officer Mikko Hypponen at F-Secure said that as banks enhance the security for authentication on their Internet banking sites, it makes phishing attacks less effective while 'Man in the Browser' type of attacks tend to increase. Webusers published Hypponen's statement on November 21, 2007.

For a PC that gets infected, the malware on it becomes active as soon as the user accesses his online banking Website. The malware then retrieves the password and login information that the user types in on the true Web page of the banking site by tracking the HTML code on the user's browser.

This private information is then transmitted to an FTP Website where the online fraudster saves it to later sell off online to other criminals at the maximum possible rate.

The best way to prevent such attacks, according to F-Secure, is to use security solutions that analyze the behavior of malware since the keylogging software is crafted to suit the specific banking site. Different as they are from phishing, these attacks are not launched in masses, and this limited distribution challenges the security software in terms of virus detection and deployment of signature recognition.

Related article: Attacks On IM And Chinese Malware On The Rise

» SPAMfighter News - 05-12-2007

All SPAMfighter products offer a free trial!

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.

Optimize your Slow PC for better performance. Try FREE scan now

Disk space recovery
and disk optimization. Try FULL-DISKfighter free

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.

Remove Spyware with SPYWAREfighter - Free 30 days trial

Antivirus software for your Windows PC - Free 30 days trial