Security News South Africa

Norton issues Trojan warning during festive spending

The direct cash cost of cybercrime in South Africa amounted to R4 billion in the last twelve months, according to the Norton Cybercrime Report, and each attack takes on average 16 days to resolve. With this in mind, there is a renewed need for local users to become more vigilant when banking and carrying out everyday tasks online.

Trojans, which contain malicious code, are nothing new. They have been around for many years, with detections dating back to 2003, but they flourish in high-spending seasons.

"As with any holiday, we see consumers spending and travelling more across the region and abroad. Whether they are booking a flight or buying a gift, users can now choose to do this from their home computer, smartphone or tablet, but all are essentially broadcasting sensitive financial information that could easily be put into the wrong hands. Cybercriminals are first and foremost financially motivated, therefore we should be looking at how we protect ourselves when sharing these details online, to prevent attacks through Trojans or otherwise," says Kara Rawden, senior marketing manager, consumer - Middle East and Africa Symantec Corporation.

How do they work?

For a Trojan to spread, it must be invited onto your computer, which could easily occur by opening an email attachment or downloading and running a file from the Internet. Once the Trojan is in, it could trigger loss, or even theft, of data.

Traditionally, Trojans captured the data traffic exchanged between the user and the online banking website. The captured information included the authentication information, which the Trojan collected and sent to the attacker, either for their own use or to on-sell to other parties for a profit.

More sophisticated banking Trojans employ a man-in-the-browser (MITB) method that is designed to overcome defences, such as SSL encryption and multi-factor authentication. MITB is achieved by monitoring and intercepting user activities in the browser in real time and modifying the HTML content inside the context of the browser, either to display false information to the user or to manipulate details of transactions sent from the user to the bank.

In addition to being able to steal information, these Trojans also offer a back door, allowing a remote attacker to control the infected computer. Commands range from listing and terminating processes running on the computer, clearing browser cookies and executing arbitrary programs to completely rebooting the computer.

Tips

  • Be sceptical and be wary: generally, you should treat anything you see online with some degree of scepticism. Do not believe everything you read, be it financial advice, breaking news, or tips on free giveaways - especially if it involves clicking on a link or installing an application. If someone asks you for money in advance, it might be a swindle. People on the Internet are not always who they claim to be.
  • Privacy Policies: Most banking services have specific privacy guidelines and rules that are published on their websites. Make sure you understand them, even though they may be tedious to read. Good, strong passwords containing letters and numbers, as well as special characters if possible, are key to keeping safe.
  • Stay updated: Some of the newer attacks are very sophisticated and are sometimes hard for an untrained eye to spot. Use comprehensive security software to protect against these threats and always ensure that the software you use is up to date. This includes not only the operating system and web browser but also third-party plug-ins such as PDF viewers.
