BEWARE - New Banking virus

[GumbyCT]

A new banking virus which is download by users clicking on links. It changes what you see from your bank while online so you won't know what has happened.

--------------------------------------------------------------------------------------
New virus raids your bank account - but you won't notice
<snip>Think of a crime plot involving a spy who plans to break into a high-security building and begins by swapping out security camera video so guards don't notice anything is amiss. Known as a surveillance camera hack, the technique has been used in dozens of movies.

A new version of the widely prevalent SpyEye Trojan horse works much the same way, only it swaps out banking Web pages rather than video, preventing account holders from noticing that their money is gone.

The Trojan horse employs a powerful two-step process to commit the electronic crime. First, the virus lies in wait until a customer with an infected computer visits an online banking site, steals their login credentials and tricks the victim into divulging additional personal information such as debit card information. Then, after the stolen card number is used for a fraudulent purchase, the virus intercepts any further visits to the victim's banking site and scrubs transaction records clean of any fraud. That prevents -- or at least delays -- consumers from discovering fraud and reporting it to the bank, buying the fraudster critical extra time to complete the crime.<snip>

Read more here -
http://redtape.msnbc.msn.com/_news/2012 ... ont-notice

[chunkyfrog]

I refuse to bank online.
Call me a Luddite; but it makes me feel safer.

[jmcanzo]

I refuse to bank online.
Call me a Luddite; but it makes me feel safer.

Problem is if your bank is online, ALL your info is already there!
Do you use a credit/debit card at a restaurant? If so you hand the card off to the waitstaff, they walk off somewhere and then come back with the bill. MUCH MUCH easier to steal CC#'s this way, then over the internet.

[GumbyCT]

I refuse to bank online.
Call me a Luddite; but it makes me feel safer.

Problem is if your bank is online, ALL your info is already there!
Do you use a credit/debit card at a restaurant? If so you hand the card off to the waitstaff, they walk off somewhere and then come back with the bill. MUCH MUCH easier to steal CC#'s this way, then over the internet.

Which is why I don't any longer. That last waitress in my small town said "you're kidding, right?". NOT at all, I'm Gumby Dammit.

I do still bank online, from one wired pc ONLY. It has XP Pro and is a slow dog. Who wants to attack XP? Not much money there.

May I ask wassa "Luddite"?

[Kairosgrammy]

*sigh*

[Lizistired]

That's scary!

[Paul56]

The Internet is the modern day equivalent of the wild west.

- be very careful with the links you click on

- also be careful with the emails you open and links contained within

- credit cards stored online is risky no matter what the vendor tells you

[SMenasco]

This morning, I had an e-mail in my spam folder from the IRS, with an attachment entitled "IRS Request No. 86640." I have been told that the IRS will never e-mail anyone. I guess that's true. Anyway, I did not open the document nor the attachment, both of which I deleted.

[GumbyCT]

I have had good luck by doing a couple things I'll repeat here.

1. Use Mozilla Firefox. IF the site doesn't work with FF I don't go there. This is prob the BIGgest help.
http://www.mozilla.org/en-US/firefox/new/

2. Use Spyware Blaster. It doesn't run in background or use up memory.
http://download.cnet.com/SpywareBlaster ... 96637.html

3. Use McAfee SiteAdvisor. Once installed you should take the time to copy/paste the link to 'any' website into Google BEFORE you even go there. IF SiteAdvisor shows either yellow or red, don't go there, it's that simple. When FF upgrades, IF the upgrade doesn't support SA - don't upgrade until it does.
http://www.pcworld.com/downloads/file/f ... ption.html

4. Use Adblock Plus. Subscribe to EasyList. I just don't see popups since using this.
http://adblockplus.org/en/

5. Dl & install Microsoft Security Essentials. http://windows.microsoft.com/en-US/wind ... essentials
Set updates to automatic.

6. Set the Windows Updates from MS to check but to let you choose when to Down Load. This is to avoid any push from MS with problems or errors. But then YOU must check for the Updates yourself. Either weekly or monthly, but do check.
http://windows.microsoft.com/en-US/wind ... ut-updates

7. Even IF your computer is bulletproof - Don't do online banking or shopping from ANY pc the kids are using bc regardless of what you tell them, they just like to click on things, things will dl in background without anyone knowing it, and bc they don't understand - they will deny they played any role in the problem.

ALL of the above are FREE - I have been using those things for years now and haven't had any problems. It has been working for me. I setup every computer the same way and it doesn't surf the internet until it has all of the above, at the very least.

HTH

[GumbyCT]

This morning, I had an e-mail in my spam folder from the IRS, with an attachment entitled "IRS Request No. 86640." I have been told that the IRS will never e-mail anyone. I guess that's true. Anyway, I did not open the document nor the attachment, both of which I deleted.

You can bet that someone they sent that to will respond and give away their money. Which is why these scams continue on. Even the old ones find people new to the internet and naive enuff to think - if it is on the internet, it must be true.

[TalonNYC]

Actually it's a Trojan, not a virus, which is a very different thing. Trojans require that you (the victim) download and/or install some piece of software to your computer in order for the hack to work. A virus propagates without user intervention by finding backdoors and security holes to infect through over a network or on removable devices like USB flash drives.

Here's how this one works (non-techie version):

First, you get an email like the ones people have mentioned. The IRS needs you to fill in a form, or your "bank" needs your attention, or a friend sends you some hilarious video file. They make you open a file to "view" the form or run an application to play the video. That's the Trojan software.

Next, when you go to a bank website, the software sees what you type into the username and password by reading the keyboard data as you type. That's how they get access to your account to steal the money

Third, the software sends your user info to the criminals, who perform electronic fund transfers to shell accounts so they can take the money.

Finally, the software dynamically edits web pages, so when you view your online banking website, the software on your machine swaps out data the bank sends with data it creates, making it look like nothing is wrong.

So, how do you stop this?

First, before ANYTHING ELSE, do not open attachments in emails unless you know exactly what they are. Even if it is from someone you know, if you're not expecting it, don't know what it is, don't know exactly why it was sent to you, do not open it. Remember also that no major (or even minor) bank will EVER send you an attachment that you must open to do anything. Nor will insurance companies, the government or any other major organization. They'll ask you to visit a branch or go to their website.

Next, never click on email links from banks, government agencies, etc. Even if you know who they are, don't use the link in the email. Instead, open the browser and go to the bank or agency's website manually. Use the website's Search feature to find what you're looking for (not Google, the search on the website itself). Sometimes the links are quite legitimate, but more often than not it is a scammer. Going manually to the bank or agency website and using the search box for the info is much safer.

These two things will keep you safe from about 99% of the scams and trojans/viruses out there. No software, utility, or malware scanner is more effective than these two things. Once you have these two habits down, then a good anti-malware system (NOT just anti-virus) will cover the other 1%.

Stay safe, and keep a little caution when you're online. That's the best advice any security professional will give you.

[GumbyCT]

Actually it's a Trojan, not a virus, which is a very different thing.

And that matter's how? Actually, Does it really matter what you called it when your bank account is empty? I mean really?

The point is the message, But we do thank you for the distinct clarification

[TalonNYC]

It's vitally important. Users have to start becoming educated about how these things spread, and the different vectors they use. A virus would be 1000x more dangerous, because the end user wouldn't have to actually do anything to become infected but be online. At least with a trojan, you can protect yourself to some degree by trying to not open unknown attachments, and therefore have a much better chance of not getting infected.

One of the major obstacles to digital security is that most people think it's some kind of mystical meta-science that they can't understand. By learning the basic stuff, like what kinds of threats are there and what they're called, everyone can help protect their computers more effectively.

So, it's not a virus, it's a trojan, and that's a huge difference that shouldn't be ignored.

[GumbyCT]

So, it's not a virus, it's a trojan, and that's a huge difference that shouldn't be ignored.

Your Honor, I respectfully withdraw the question.

I don't disagree the terms have different meaning but point to the link in OP where both terms are used interchangeably. And I know it was NOT I that called it either. You are shooting at the messenger. I only brought you the message.

Your Honor, I respectfully withdraw the question. Thank You?

[TalonNYC]

Very true, let me aim the guns at that website =)

This particular attack is even more nasty than most, as it edits the web pages to hide its tracks. I'm happy you're getting the word out there, and thanks for doing that.