According to Eurostat, 36 percent of people in Europe used online banking for transactions last year. In Norway the figure was a staggering 83 percent. But, just as with any other service that involves large sums of money, criminals attempt to make off with as much of the loot as possible. In the Internet age, bank robbers no longer need cutting torches to get to customers' money.
Bank robbery 2.0: Attacks in the browser
Banks have invested heavily in the security of their systems and effectively encrypted the communication channels from the customer to the bank. They have also continued to improve the TAN procedure, having recently done away with printed TAN lists and introduced new procedures such as mobile TAN and flicker TAN. But, in reality, cyber criminals can circumvent all these protection mechanisms by attacking the customer's PC.
In the world of bank robbery 2.0, perpetrators do not attack the banks. They infect online banking customers' computers with intelligent computer malware called banking Trojans. Visiting an infected website is all it takes to infect the computer with this specialised malware. Once it has stolen the access data, this malware can actively intervene in the payment process and divert legitimate transactions to other accounts without being detected.
How does the fraud work?
If the browser has been manipulated by a banking Trojan, data is still transferred from the computer to the bank in an encrypted form, but it is not the data that the user actually entered in the browser. If the bank customer tries to pay his rent from his infected PC, for example, the data he enters is visible in the Internet browser, but once the TAN is entered the money is unnoticeably directed to the criminal's account.
Most antivirus solutions do not detect new banking Trojans until it is too late, since they require a corresponding signature for protection. In one test, conventional protection programs only detected 12 percent of the malware strains immediately and 27 percent after 24 hours. This means that traditional security technologies found it almost impossible to protect computers fully against current banking Trojans.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.