An increasing number of people have started to use the online banking service for convenience and peace of mind. And cyber-crooks are aware of that. That’s why they’re constantly investing their efforts into new scams to get your financial data. This includes compromising your internet security and outwitting banks’ security systems.
How can cyber-criminals compromise you while banking online?
Banks and financial institutions have put much effort into internet security measures to protect you from fraud while banking online. You’re probably familiar with the “two-factor authentication security method” – the bank provides you with a security token, which generates a pseudo-random number for you to use at login, along with other credentials. What if fraudsters managed to over-rule this security measure during your attempt to log into your online bank account? A test conducted by BBC’s Click programme in early February 2012 showed that they can.
To protect yourself from cyber-criminals’ malicious wit, you have to first know what techniques they use to breach your internet security and get to your money.
Man-in-the-browser attacks. With the use of financial malware (usually the notorious Zeus Trojan) cyber-criminals can bypass your bank’s two-factor authentication process and manipulate your browser to show a malicious webpage when you try to log into your bank account. The malicious page looks exactly like the one usually displayed by your bank’s website, the only difference is that it asks you for private details that your bank normally wouldn’t, and that enable hackers to take over your account. They can change the amount, destination bank and account, and afterwards, they can alter your account balance to make everything in your bank statement look normal. As you can imagine, a man-in-the-browser attack can throw you into a deep dark internet security loophole.
Phishing schemes. Fraudsters start sending e-mails in an attempt to capture your banking credentials and other security details. A phishing e-mail usually looks as though it comes from your bank and asks you to check your current account details by clicking on a link. However, this link leads you to a malicious website similar to the one of your bank. Once you enter your details, fraudsters can get hold of them. At this point, your internet security and bank account are compromised.
Money mules. Cyber-crooks can use intermediaries to transfer stolen money overseas. And the intermediary can be… you, the “money mule”. They can contact you via e-mail, pose as a trustworthy entity and persuade you to accept money into your bank account for a legitimate reason, apparently. Then, they ask you to transfer money to other accounts in return for a fee. As a money mule, you can be accused of the stealing the money, even though you had no idea the transactions were illegal. In this type of scam, not only your internet security is put at risk, but your physical freedom also.
Hardware and Software keyloggers. Cybercrooks can use small devices they attach to your computer, or pieces of malware they spread over the web and via e-mail attachments, to covertly record your keystrokes. While you have no idea of their existence, fraudsters can find out your PIN, passwords and other internet security information and use them to their advantage.
All of these scams can turn a simple online banking session into an internet security threat. The safety of your financial data and identity are at stake here. So what should you do?
Courtesy : Bull Guard