Monday, September 19, 2005

Banking Spyware Mitigation

In the past, attackers have relied mainly on e-mail messages that lure victims to malicious Web sites, where they are tricked into disclosing usernames and passwords for banking sites and other sensitive online accounts. As Information Technology has advanced, it is now possible for attackers to obtain this information and more without luring you anywhere. With keylogger software programs, obtaining your confidential information is as simple as your visiting a well-known website such as Google, Yahoo, Ask Jeeves, or CNN. The keylogger programs are built specifically to capture login names and passwords for online bank accounts and to send them to the attackers.

Users of Windows XP who have not installed Service Pack 2 are particularly vulnerable, as the code could be automatically downloaded without the user's knowledge. On an unpatched Windows machine, going to the URL automatically downloads everything from the Web site, including the Trojan. Simply typing in the URL of the infected website is enough to put your confidential information at risk. The Trojan is a new variant, so antivirus and anti-spyware vendors do not yet block it.

The activity could be the latest attempt by a criminal gang to use spyware for financial gain. In March of this year, Britain's National Hi-Tech Crime Unit foiled an attempt to steal about $390 million from the Japanese bank Sumitomo Mitsui. In that case, keyloggers were used to relay passwords and access information to the criminals, who intended to transfer the funds electronically. A man in Israel was arrested after allegedly trying to transfer $25 million of the funds.

According to Websense Enterprise, the attackers typically exploit vulnerabilities in Microsoft's Internet Explorer browser program. Each week in February and March 2005, Websense uncovered as many as 10 new keylogger variants and more than 100 new Web sites set up to infect computers with them. That is up from November and December 2004, when the average per week was 1 to 2 new variants and at most 15 new sites per week.


Check out http://www.covetrix.com/networksecurity/websense.jsp