11/10/12

Is your Computer Stealing Your Money?

A recent article in The Independent on 10th October by Jerome Taylor entitled Be Warned – Your Computer May be Stealing Your Money sounds
the alarm from cyber-security experts that cyber-criminals have
attained new levels of sophistication in the methods they now use to
empty your bank account without you even knowing. Using “RATS” remote administration tools, cyber criminals can access your computer
and conduct transactions with your bank as if those instructions were
coming from you. Experts have described these new software tools as “blood-chilling in their complexity and efficiency.”

Almost 1/3 of all fraudulent bank transactions originate from the
customer’s own computer as cyber-criminals use fiendishly clever
malware tools to get around the complex online security checks being
introduced by the banks. 

Banks and financial institutions across Europe have developed
ever more complex multi-layered security  checks to combat online crime.
However, the latest software used by the criminals fools the bank into
thinking that they are making a legitimate online transaction. Uri
River, head of the cyber strategy organisation BioCatch, explained that
over 30% of banking fraud comes from the weakest link; the customer’s
own computer. This risk applies equally to business and personal online
banking customers. 

So what can you do to stay safe?

Our checklist will help you make a start:

  1. Be aware that the risk is real and growing so make sure that, family,
    staff and employees understand that level of the threat and do not
    become complacent.
  2. Never divulge your banking password or Pin Codes to anyone –
    least of all in response to an email claiming to come from your bank.
  3. Protect your personal and business systems and your data –
    NOW. An investment in anti-virus, anti-malware and a strong software and
    / or hardware firewall is vital and worth every penny. Losing your hard
    earned money is bad enough – losing valuable identifying data which the
    criminal can use time and time again is unthinkable.
  4. Make sure you buy fully licensed copies of the security
    software and ensure it is configured to automatically update daily. If
    you don’t know to do this – ask for professional PC support. It can be
    done remotely and quickly.
  5. Check daily that the software is doing it’s job – sometimes
    the update process is disabled when you install new software or reboot a
    PC. Check – Never Assume!
  6. Check and reconcile your bank account frequently. Don’t leave
    it until the end of the month or assume that the unknown transaction on
    your statement must have been a purchase you made…. it may well be a
    cyber-criminal testing to see if you actually spot a small transaction
    before he starts to empty your account. Criminals count on most people
    not checking their bank balance often and not querying small
    transactions.
  7. Use the security supplied by your bank to protect those sites
    where you enter personal details and information which can identify you,
    your business and your accounts. A few key details are all criminals
    need. Trusteer Rapport is used by several of the big banks. A read of
    the weekly log of the cyber-criminals attempts to gain entry to your PC
    makes jaw-dropping reading. Tell your staff to read them too and ensure
    they stay alert!
  8. Be aware that soon if you don’t use the software recommended
    by your bank – they may not reimburse you for funds taken illegally from
    your account. You may be considered to have been negligent. The level
    of theft is now so high banks are going to have to pass on some of their
    losses.
  9. Be link wary. Don’t click on links in unsolicited emails.
    Scammers increasingly use generic language designed to hook your
    interest or prey on your fears and you have clicked on the link before
    you realise what you have done.
  10. Look to see who the email has been sent to. If there are another 10 names on the list – don’t click on the link.
  11. NEVER download program or software offered in an email.
  12. Be very, very careful of installing programs you have
    downloaded from a website unless you have verified the website
    certificate and scanned the downloaded file for malware and viruses
    BEFORE you open it.
  13. Keep one credit card for online purchases. Avoid using debit
    cards as these trace directly to your bank. set the credit card limit to
    a level that if the card was stolen you’d be able to cope without that
    amount of money.
  14. Keep a separate and dedicated email address for online
    shopping and whenever you have to give email details online. Keep a
    separate email address for friends, family and business.

Finally, if you are scammed report it at actionfraud.police.uk or call 0300 123 2040. Even if you can’t get your money back, spreading the word will help others.