Subscribe

Banker Trojans steal Christmas?

Staff Writer
By Staff Writer, ITWeb
Johannesburg, 18 Dec 2007

Banker Trojans are designed to steal passwords for accessing online banking services like PayPal, says Panda Security.

Banker Trojans accounted for 18.59% of malware infections in 2007 and 24.10% of the infections caused by Trojans, the company explains.

"The number of online transactions grows a lot during the Christmas season. That`s why cyber-crooks also increase the number of creations they put in circulation in order to get users` money," says Jeremy Matthews, CE of Panda Security (South Africa).

This type of malware works in various ways, from capturing keystrokes to redirecting users to spoofed banking sites in order to get their money, he adds. "Online shoppers must make sure their computers are free from malicious code before carrying out online transactions."

Holiday phishing

Another threat consumers must face during the holiday season is phishing: e-mails that appear to come from a banking entity or an online purchase service, but are actually false. "Usually, users are asked to click a link and enter their banking details. However, if they do this, they will be giving their data to cyber-crooks," Matthews explains.

Aside from online transactions, time spent by users playing online games also increases at Christmas. Cyber-crooks know this and have started to launch attacks to get passwords for video games, Matthews states.

"The reason for this is the huge number of assets and extra features available to players as they advance through games. Inexperienced players are ready to pay for them in forums, chats, auction pages, etc. This is exploited by cyber-crooks, to make money out of passwords stolen from users," explains Matthews.

Beware IM

Another tool people will use more of this Christmas is instant messaging. Aware of this, cyber-crooks have been working on ways to use these services to spread their creations over the last few months, says Matthews.

"Generally, malware spreads by sending out links or files that seem to come from one of the targeted users` contacts. However, if one of them clicks the link or runs the file, they will also become infected," he says.

"Users must follow this simple advice: never click a file or a link before checking who the sender is. To do this, just ask your contact if they have sent you something," explains Matthews.

Panda has prepared a guide, with tips to help users surf the Internet securely this Christmas.

Related stories:
Malware made in China
Trojans come first

Share