Home Blog Latest spam campaign targeting online banking heists

Latest spam campaign targeting online banking heists

Written by Fred Wednesday, 05 October 2011 14:18
Print PDF
Font SizeLarger FontSmaller Font

For the last several weeks, hackers have really stepped up their spam attacks across the board.  Part of the reason is that they are looking to infect computers and steal your online banking info, so they can then take money out of your accounts. While we have many, many defenses in place, no one can completely block this attack, so you need to be vigilant and protect yourself.


The subject lines vary, but some contain a subject like "ACH payment canceled" with a serious-sounding message supposedly from your bank or financial institution.  Don't fall for these!  Don't open them!  In some cases, the malware is included in what appears to be a PDF attachment, that is actually an executable program. It may be inside a Zip archive file.



Once installed, a "keylogger" is installed, monitoring keystrokes, especially when you are on a financial institution's website.  The captured keystrokes are then sent to the hackers, who then break into your account and take your money.


Be sure to keep Windows up-to-date, but also Adobe Reader, Adobe Flash Player, Java. This is because when Windows or these third-party programs are not up-to-date, they are the primary ways to get malware into your Windows system.


For details on avenues of infection, see this:


http://net-security.org/malware_news.php?id=1863


The best case to protect your online banking?



  • Contact your bank and turn off all automated and online access. That would include online banking and ACH transfers. Yes, that would mean writing checks and visiting the bank, in person. This is likely not acceptable for most users, so read on.



Next preferable:


  • Use a Mac or a Live Linux CD.  Macs are not vulnerable to any exploits currently, and this is likely to continue.  You *do* need to update the third-party software mentioned above as well as do Apple's Software Update at least weekly.  A Live Linux CD boots off the CD and runs Linux in memory from the CD, so there is no chance of infection with it, since the hard drive is not used at all.



Next preferable:


  • If you must use a Windows PC, keep it up-to-date on all software updates, use Firefox or Chrome (NOT Internet Explorer!) and do not use it for anything else.  Yes, that includes not using email, web browsing, etc.  Nothing else other than online banking.



More details are at:


http://krebsonsecurity.com/2011/10/monster-spam-campaigns-lead-to-cyberheists/


Please contact us for help in securing your computers and network from attacks such as these.

< Prev   Next >
 

Call for a Free Quote

Latest Blog


Twitter Feed

Contact