Robert Siciliano Identity Theft Expert
A new kind of Trojan horse infiltrates your online bank account, and not only steals your log-in information, but also siphons funds directly out of your account. The virus is known as URLZone, is controlled by servers in the Ukraine, and it determines how much money to steal from a victim’s account depending on the initial balance, all in real time, while the user is logged in, displaying a fake balance so the victim isn’t aware that it’s happening. URLZone targets Firefox, Opera, and the last three versions of Internet Explorer. Currently, the virus is only targetting computers in Germany. But it’s only a matter of time until URLZone, the most sophisticated worm of its kind to date, spreads further.
Like most viruses today, URLZone generally infects a PC when the user clicks a link or visits an infected site. Once the virus is installed, it waits for the user to access an online banking website. That’s when it goes to work. While the user is banking online, the virus communicates with the bank’s server in the background. Transactions are being processed and the user doesn’t see any of it happening. Frankly, this doesn’t even sound possible to me. But it’s happening. The virus then erases its tracks by displaying a bank balance on the infected computer that doesn’t reflect the funds that have been stolen. The victim will only recognize a discrepancy in the balance when using an uninfected computer or an ATM, or receiving a paper statement. Or when the checks start to bounce.
A virus with the sophistication to hijack the victim’s browser, steal money during an online banking transaction, and then cover its own tracks by modifying the information displayed to the victim, all in real time, is not good, to say the least.
White hat hackers are struggling to stay one step ahead of the criminals, but black hat hackers are out in full force. There are more ways to compromise data today than ever before. From 2007 to 2008, the number of viruses quadrupled from 15,000 to nearly 60,000.
Recently, a couple’s bank account was compromised as a result of their own insecurity. The bank claimed no responsibility and held the couple accountable for the loss. Now they are suing the bank. Depending on how this case pans out, you may be held responsible for the loss if you’re hacked.
1. Make sure your anti virus up to date and set to run automatically.
2. Update your web browser to the latest version. An out of date web browser is often riddled with holes worms can crawl through.
3. Update your operating systems critical security patches automatically
5. Check your bank statements often, online, at least once a week.
6. Invest in Intelius Identity Theft Protection. While not all forms of identity theft can be prevented, you can effectively manage your personal identifying information by knowing what’s buzzing out there in regards to YOU.
Robert Siciliano Identity Theft Speaker discussing online banking insecurity