Home
Free Guides
The Web Host Blog
DomainReg
Shared/Dedicated
Personal Hosting
UNIX Guide
VPS Hosting
PHP Hosting
e-Commerce
Web Development
Dedicated Hosting
ASP Hosting
Windows Hosting
MYSQL Hosting
Cheap Hosting
Colocation
Photo Hosting
Quick Guide
FLASH!
Hints & Tips
Hints & Tips #2
Privacy Policy

Online Bank Fraud and Trojan Horses That Hijack Online Banking Sessions







Online bank fraud has been around ever since banks started offering online services.

It is an ongoing battle; banks increase security and warn users about banking scams, criminals find new ways to break in. With each pass, the methods get more sophisticated. The latest techniques are not only clever at getting in; they are good at avoiding detection.

Early online bank fraud banking services had simple security, users just needed to log in with a password. At most, they were challenged by an extra random question based on details they had given when they signed up. Defrauding the system was just as easy.

Users receive an email, with a link, inviting them to go to the site and update some details. However, the link takes the user to a bogus website or bank phishing site, designed to look like the real bank site.

Users log in, and maybe fill out a form, they give the crooks all the information they need to log into the real bank site, and start transferring funds.

But users have been made aware of these scams, and banks have put traps to make 'grab the money and run' attacks more difficult.

They put limits on the funds to be transferred, and monitor where money is being sent. Online bank fraud with suspicious transactions set off alarm bells, and bank investigators can check details before any money actually is moved.


Nothing Beats Working From Home

More and more people are dropping out of the rat race. Start part-time and build until you can drop the "day job".






Criminals raised the bar by using virus attacks and Trojan Horses.



A Trojan Horse is a program that a user downloads thinking it is for something useful, it may even do something useful, but it will also install a hidden program that sits dormant on the computer. Most of the time this Trojan will do nothing, so it will not be noticed. However, when the program detects the user is logging into a known bank system, it starts logging all the details and relays them to the criminals.

To counter this type of attack, banks put traps on where the user login comes from. If it is from a new location, or the user logs in from two places at the same time, alarm bells go off.

But criminals have found a way round that as well. The Trojan waits until the user logs in and then hijacks the session; it shows an error message to the user saying the server is down, while it quietly gets on with transferring small sums of money. When users are attacked this way, they may try reconnecting several times, over the course of a few days, before complaining to the bank, and each time the Trojan can make a few discrete transactions.

Antivirus programs can help detect Trojans, but Online Bank Fraud is big business, and the criminals are getting better at hiding from them. Investigators, trying to discover how a Trojan worked, discovered it had detected they were not real criminals, and used bogus information to confuse them.

Some weary users keep a separate computer just for bank logins, often running Linux as most viruses and Trojans target Windows. Another solution is to use a Live Linux Distribution, a Linux operating system that boots from a read only CD or DVD. These read only systems can be booted on a normal PC for surfing the web, but can't be infected permanently as they don't use the hard disk.




Free Downloads - Free Guides

Some people have trouble with developing a website or writing effectively for the net. With these Master Courses, you will find there is nothing magical or complicated about it.



Return to Hints & Tips #2 from Online Bank Fraud





Custom Search


footer for online bank fraud page