Skip Tags

Popular Tags

Decorative icon

The Resource Center Credit Fraud & Credit Monitoring | post

SpyEye – A Dangerous New Banking Trojan Circulating

by Neal O'Farrell on

Intersections’ Consumer Security Adviser Neal O’Farrell writes today about a dangerous new banking Trojan that has recently been making the rounds. It’s called “SpyEye” and it is causing all sorts of trouble. In today’s article, Neal provides some important tips on how to protect yourself, and your bank account from this nasty threat.

A few years ago I started warning about a dangerous new type of malware known as a banker or banking Trojan, with names like Clampi and Zeus. Banking Trojans were such a threat because they were very good at what they were designed to do — sneak on to your computer, bypass security, steal your passwords, log in to your bank accounts and empty them. Within a matter of months the FBI estimated that these Trojans had stolen hundreds of millions of dollars from victims across America.

Security researchers recently discovered a very dangerous new form of this Trojan that has financial institutions very worried. The Trojan is called SpyEye and has also been around for a few years — most researchers believe SpyEye is just a reincarnation of the dreaded Zeus Trojan.

In the new version, the Trojan is able to manipulate your transactions history so that if you were to check in on your bank account and look at things like transactions and balances, everything would look OK. That's because the Trojan is able to erase its tracks and hide any changes it makes in your account — like transferring all your money to another account. This is a very worrying development because in many cases, checking your statements is the only defense you may have against such scams.

Because the attack presents the doctored statements to your browser, it would not be able to hide the attack if you were to access your bank account from another computer or an ATM. And of course the scam would be obvious in a paper statement. But, as experts point, finding out about the attack when your statement arrives thirty days later may be way to late to stop thieves from emptying your account.

In an interview with MSNBC, Amit Klein, one of the security experts who discovered the new threat cautioned “My take is that if your computer is infected with financial malware, it’s game over anyway. My takeaway is you need to prevent getting infected with financial malware in the first place.”

Because SpyEye variants are constantly changing to evade virus detection, it can sometimes take virus companies weeks to push out a virus signature to your computer. If SpyEye manages to infect your computer during that window, you may be out of luck.

In 2005, almost half of new malicious codes were Trojans, according to Panda Security. By the end of 2010, Trojans made up more than 70% of new malware.There are believed to be thousands of varieties of banking Trojans in circulation, and some can be purchased as complete ready-to-go kits for as little as a few hundred dollars.

Most Trojans will infect computers by using spam with infected email attachments, or by infecting web sites which in turn will infect unprotected computers visiting those sites – known as “drive by” infections.

Here are some things you can do to protect yourself:

Scan all of your personal and business computers, either using your existing anti-virus software or using any of the free scanning services listed on our web site.

Be very careful in the websites you visit and consider using one of the many free web site verification tools, like Trusteer, that can help identify infected web sites before you click on them.

Layer every computer with the best virus and spyware protection available and update it constantly. But be aware that having the latest anti-malware protection in place is no guarantee that you’ll be able to prevent or detect an infection.

Patch your computer constantly and make sure your computer settings are configured to automatically download and install patches and updates as soon as they become available.

Avoid opening email attachments or clicking on links in emails unless you’re able to verify the email is legitimate, and be careful about visiting web sites you’re not familiar with.

Teach all family members or employees to be especially vigilant for phishing schemes and to watch out for unusual or personalized emails with attachments or links that are not familiar.

Set up account alerts to notify you of any transactions or changes in account balances, and work with your bank to see if there are additional layers of authentication they can use to prevent or alert you to unauthorized transfers.

Spread your funds between a number of accounts and limit the number of users on each account.

Change your passwords regularly, make them tough to guess, and protect them well.

Use keylogger protection to help hide your passwords and protect them from snoops.

Consider using just one computer for online banking, and make sure that computer is highly secure and ideally not used for email or any other Internet connected activity.

Be vigilant when visiting your bank login page, especially for any changes to the login procedure or requests for additional information.

Check your paper statementsas soon as you get them

Learn more about identity theft protection.

Keep informed about the latest threats to your safety. Join our Facebook group and follow us on Twitter.