Major banks targeted by fraudsters
in ‘mind-boggling’ online swindle

Britain’s major banks have been targeted in a “mind-boggling” online scam with the potential to affect more customers than any other attack of its kind, security experts have warned.
By The Newsroom
Published 1st May 2013, 01:01 BST

The sophisticated fraud has been so carefully orchestrated it is almost impossible for even the most security-conscious clients to detect.

Web security company Trusteer said it was impossible to estimate the financial impact but warned the “very serious” cyber assault could cause widespread damage.

Hide Ad
Hide Ad

It is unclear which banks have been singled out but the attack is said to affect “quite a few” major establishments.

Etay Maor, fraud prevention solutions manager at Trusteer, said those behind the latest breach had devised an “unbelievable” technique to defraud bank clients when they log on.

This involves malware – a type of software that is designed to damage or disable computer systems – which remains idle in the background until a user accesses an online bank account.

The Ramnit malware then asks the customer to enter a one-time password, using a message created to appear as if it were sent from the bank, before it diverts funds from a customer’s account.

Hide Ad
Hide Ad

Unlike other attacks of its kind, the Ramnit authors have taken an extra step and doctored the banks’ FAQ sections to reassure suspicious clients.

“It’s mind-boggling,” Mr Maor said: “They even modify the language in the FAQ section to support the new procedure.

“I don’t like giving credit to bad guys but they have done their job very well.”

The scam is believed to have been launched a couple of weeks ago and it remains unclear where those behind it are based.

Mr Maor said the attack could be stopped using specially-designed software which can detect and kill the malware.

Related topics:Britain