View our reviews on Hot Scripts You can now obtain our example scripts and/or vote for them at Hotscripts. To visit Hotscripts click here.

The best way to protect yourself from an online financial scam is to diligently check your bank accounts. At least, until now. Security firm Trusteer has found an elaborate new computer virus that not only helps fraudsters steal money from bank accounts, it also covers its tracks.
Think of a crime plot involving a spy who plans to break into a high-security building and begins by swapping out security camera video so guards don't notice anything is amiss. Known as a surveillance camera hack, the technique has been used in dozens of movies.

A new version of the widely prevalent SpyEye Trojan horse works much the same way, only it swaps out banking Web pages rather than video, preventing account holders from noticing that their money is gone.

The Trojan horse employs a powerful two-step process to commit the electronic crime. First, the virus lies in wait until a customer with an infected computer visits an online banking site, steals their login credentials and tricks the victim into divulging additional personal information such as debit card information. Then, after the stolen card number is used for a fraudulent purchase, the virus intercepts any further visits to the victim's banking site and scrubs transaction records clean of any fraud. That prevents -- or at least delays -- consumers from discovering fraud and reporting it to the bank, buying the fraudster critical extra time to complete the crime.

Trusteer calls it a "post transaction" attack, because much of the virus' effectiveness is attributable to its ability to control what victims see after fraudulent transactions occur. Amit Klein, chief technology officer for Trusteer, said he believes criminals have used the technique for a few months, and it has infected real consumers.

"I predict that the use of post transaction attack technology will significantly increase as it enables criminals to maximize the amount of fraud they can commit using their initial investment in malware toolkits and infection mechanisms," Klein said.

The new SpyEye came to Trusteer's attention when a large retail bank in the United States spotted it and shared with the firm, he said.

Read the entire article:

Bookmark / Share:
StumpleUpon Ma.gnolia DiggIt! Blinklist Yahoo Furl Technorati Simpy Spurl Reddit Google

Do you have a thought about this article? Post a comment and tell us about it!