Algorithmic Trojans empty bank accounts
Criminal gangs are using sophisticated algorithms in a creative but sinister fashion to optimize the placement of their fraudulent web sites, thereby crowding out legitimate sites on search engines. The bad guys harvest legitimate web pages and spin the content with subtle wording to fool the unwary reader. They hack into known sites and link their pages to the known sites, piggybacking on their reputation. The criminals are smart and fast, and can erect fraudulent pages faster than they can be detected and taken down.
Just such a scenario is unraveling in the UK. A Trojan virus called Zeus v3 is emptying client bank accounts at one major bank. A Trojan virus is code that lurks in emails or on web pages that appear to be legitimate but in fact infects the user's computer. From there, it collects information, including when the infected computer visits a bank site. It collects the user name, password, and other account details, which are then sent off to the “mother” destination. The “mother” computer appears to reside in eastern Europe at this time, but that may be just a stopping point.
In all likelihood much of this nonsense would be prevented if users kept their OS, browser and anti-virus software updated. All of these programs can be set for automatic, or passive, updates. Updated versions of OS and browsers are free, and updates for anti-virus software will depend upon your contract with the host. If anti-virus updates are not free, the $30 to $50 annual fee is worth every penny.
Banks and other sensitive sites cannot keep up with these threats. They must first monitor how their website is being accessed. Hacking a web site is a bit like hacking an online novel and rewriting the first chapter so that the bad girl wins and gets the guy. A simple internal program that looks for such programming changes will take care of that.
Banks need to look at patterns of transactions all coming from different locations. Transaction patterns in a bank are like rays of light – they go in all sorts of directions. Banks look for multiple clients sending money to the same or similar destination. Transaction monitoring helps, but the user is the front line in this battle.
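One way to implement the check for multiple clients paying the same or similar destination, as an added example that is not from the original article. The record layout, the 24-hour window, the three-client threshold, the known-payee allowlist and all sample data are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample transfers: (timestamp, sending client, destination, amount).
SAMPLE = [
    ("2024-01-10T09:01", "client-a", "GB00 TEST 0000 1111", 950.0),
    ("2024-01-10T09:40", "client-b", "gb00test00001111", 1200.0),
    ("2024-01-10T13:15", "client-c", "GB00-TEST-0000-1111", 800.0),
    ("2024-01-10T10:00", "client-a", "GB00 TEST 0000 2222", 60.0),
    ("2024-01-10T11:00", "client-b", "GB00 TEST 0000 2222", 75.0),
    ("2024-01-10T08:00", "client-d", "UTILITY-CO-0001", 45.0),
    ("2024-01-10T08:30", "client-e", "UTILITY-CO-0001", 52.0),
    ("2024-01-10T09:10", "client-f", "UTILITY-CO-0001", 48.0),
    ("2024-01-10T12:00", "client-g", "GB00 TEST 0000 3333", 300.0),
    ("2024-01-12T12:00", "client-h", "GB00 TEST 0000 3333", 300.0),
    ("2024-01-14T12:00", "client-i", "GB00 TEST 0000 3333", 300.0),
]

def normalize(dest):
    """Drop case, spaces and punctuation so near-identical destinations match."""
    return "".join(ch for ch in dest.upper() if ch.isalnum())

def fan_in_alerts(transfers, window_hours=24, min_clients=3, known_payees=()):
    """Map each destination paid by >= min_clients distinct clients
    within window_hours to the sorted list of those clients."""
    window = timedelta(hours=window_hours)
    known = {normalize(p) for p in known_payees}  # e.g. utility billers
    by_dest = defaultdict(list)
    for ts, client, dest, _amount in transfers:
        key = normalize(dest)
        if key not in known:
            by_dest[key].append((datetime.fromisoformat(ts), client))
    alerts = {}
    for dest, events in by_dest.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the window start forward until it spans <= window.
            while events[end][0] - events[start][0] > window:
                start += 1
            clients = {c for _, c in events[start:end + 1]}
            if len(clients) >= min_clients:
                alerts.setdefault(dest, set()).update(clients)
    return {dest: sorted(c) for dest, c in alerts.items()}

if __name__ == "__main__":
    found = fan_in_alerts(SAMPLE, known_payees={"UTILITY-CO-0001"})
    for dest, clients in found.items():
        print(f"ALERT {dest}: {len(clients)} clients -> {clients}")
```

Without the allowlist, a legitimate biller that many clients pay would raise the same alert, so the threshold and the known-payee list need tuning against real traffic.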
At some point, banks will likely prevent access to their systems if the computer logging on does not have the most current OS, browser and anti-virus protection. This precaution will help everyone practice safe banking. Expect it to happen.