Eat your hearts out, Bonnie and Clyde. There's no bloody trail from these bank robberies. It's a Trojan type virus that not only steals money but also manipulates the online bank statement to hide the fake transaction.
The Sophos' NakedSecurity alerts us about the discovery by Trusteer of this technique they call a "post transaction attack." It differs from previous robber-viruses in that it hides the theft. From Trusteer:
e. The next time the victim visits their online banking site, the malware hides (“replaces”) the fraudulent transactions in the “view transactions” page, as well as artificially changing the total fraudulent transaction amount to balance the totals. As a result, the deceived customer has no idea that their account has been ‘taken over’, nor that any fraudulent transactions have taken place
Of course, if the victim still receives statements through the mail, the transactions will eventually be detected. However, with many customers encouraged to ‘go paperless’, it could take many months before the fraudulent activity is identified. (Emphasis mine.)
Indeed. Banks, credit card companies, brokerage firms and practically all other entities that handle our money are constantly badgering us to go paperless. Makes a person want to go computerless.
Comments