Firstly, no bank nor the Receiver of Revenue will ever send you an e-mail requesting you to amend/update your banking details or “test” your account. Be suspect of any e-mail that asks you to log on and enter your user name and/or password on a link in an e-mail or asks you to open an attachment.
A few weeks ago, a prominent bank had millions of Rands withdrawn from their client’s accounts in a morning after a scam of false e-mails were sent out. I am personally aware of one person who lost over R100,000 in a matter of minutes.
In addition, DHL (to name one), or other courier companies will phone you and not send you an e-mail with an attachment to open. If you are not expecting an invoice from someone, then don’t open the attached file or click on any e-mail links! And guys, girls from Russia or using Skype don’t all have an urge to want to chat to you, or send you naughty pix. Those links in mails and attachments are links to Trojan key-loggers. If you are not expecting a mail from someone and you get an e-mail with an attached file and the text of the mail seems to be motivated towards having you open the attachment, be suspicious. Call the sender and confirm before opening. If you don’t know the sender, then it’s pretty obvious it’s a scam.
Second, there are many ways to steal your banking info – not only the e-mail scam. The “Trojan key-logger” is far more popular and gaining popularity. And, yes, it is possible to record mouse movement as well as keystrokes – Don’t think your “key-pad” you click on or if you cut-and-paste your password that you are 100% safe. People who are victims of these schemes may be unaware at time of logging onto their legitimate web site that their PC is infected with a Trojan virus.
There was a virus a few years back that infected a user’s computer, stayed dormant until it detected the words “User” or “Password” displayed on a web or program page. The virus then became active, recorded keystrokes for a minute and then forwarded the web-site, keystrokes to a public newsgroup on the internet (masking the author’s identity).
The perpetrators of these crimes also don’t necessarily steal your money immediately. They usually collect a lot of usernames, bank account numbers, passwords and use them at the same time having people ready to withdraw funds at various branches in different areas – even different countries. This allows them to transfer and withdraw huge amounts of money at a time and adds to the pressure on the fraud division of the bank as they have to deal with multiple transactions and panicked clients simultaneously and funds going to multiple locations giving the criminals time to make their withdrawals and get-away.
Trojan key-loggers can be embedded in web pages – harmless, frequently used web pages and can take weeks or months to detect by the web-site hosts. It happens more often than you think. A prominent gaming site was hacked a few years back and a script was embedded in an image. Thousands of gamers had their computers hacked. Security on some common web-sites is not as tough as most financial institutions to crack. Hackers might hack a horoscope or sports or news site, plant a Trojan and you download it, unawares that your keystrokes are being recorded.
It is therefore imperative that you have a reliable Anti-Virus, Anti-Malware, Anti-Spyware solution and that you update the “definitions” regularly and avoid any suspect web sites. Porn Sites, Warez (illegal software), pirate serial number generator sites are obviously the most risky to visit as these attract the most people, but a Trojan may be planted on any other popular site. In addition, anything you plug into a computer that has a “logical hard disk drive” such as some cell-phones, iPods, digital cameras, flash-sticks, memory cards can be infected and infect a PC or even a whole network. In the last few years, we have seen a hug increase in these type of infections with USB devices being the carrier. People who distribute pirated movies, games & music usually have the highest risk of being infected with these types of viruses.
Don’t think it can’t happen to you. Not all antivirus programs are equal. Get yourself a decent antivirus and be cautious about which e-mails you open. Call /or e-mail us for advice on what we recommend as well as some free options to do a “peace-of-mind” check with free software.
Contributed by:
Craven Coetzee
Kondura Technologies
Telephone: 086 164 2580
e-Mail: info@kondura.co.za
Internet Web Site: www.kondura.co.za