42244 0 3 econsultancy_xml <p>This software was in fact a Trojan, called <a href="http://www.f-secure.com/v-descs/haxdoor_ki.shtml">haxdoor.ki</a>, which was used to direct customers to a fake bank login page and record their keystrokes. Customers were then given a message telling them that the bank's site was experiencing technical difficulties. </p> <p>According to the Swedish police, these stolen details were sent to servers in the US, and then on to Russia. </p> <p>Most banks attempt to combat fraud by monitoring large transactions, but in this case, by using a large number of small transactions over a period of several months, the phishers were able to get past the bank's security measures. </p> <p>It is unusual for banks to admit fraud on such a scale, as they are often fearful of damaging their reputations and affecting the confidence levels of their customers. </p> <p>Back in December, a senior police officer told a Commons committee that <a href="/blog/604-banks-reluctant-to-reveal-full-extent-of-online-fraud">banks were hiding the true extent of online fraud</a>, which could be costing UK businesses far more than the official figure of £1.7 billion a year. </p> <p>The bank has acted sensibly in this case; as such email-based scams are best stopped by educating the public on the kind of scams used by online fraudsters. </p> <p>Most banks still have The Fear when it comes to phishing, so much so that we know of some consumer-focused banks which refuse to send out <em>any </em>emails to their customers. Now that's prevention...</p> <FormattedContent xmlns="http://www.e-consultancy.com/schema/formattedContent/"> <Paragraph>This software was in fact a Trojan, called <Link URL="http://www.f-secure.com/v-descs/haxdoor_ki.shtml" Window="New">haxdoor.ki</Link>, which was used to direct customers to a fake bank login page and record their keystrokes. Customers were then given a message telling them that the bank's site was experiencing technical difficulties. </Paragraph> <Paragraph>According to the Swedish police, these stolen details were sent to servers in the US, and then on to Russia. </Paragraph> <Paragraph>Most banks attempt to combat fraud by monitoring large transactions, but in this case, by using a large number of small transactions over a period of several months, the phishers were able to get past the bank's security measures. </Paragraph> <Paragraph>It is unusual for banks to admit fraud on such a scale, as they are often fearful of damaging their reputations and affecting the confidence levels of their customers. </Paragraph> <Paragraph>Back in December, a senior police officer told a Commons committee that <Link URL="/blog/604-banks-reluctant-to-reveal-full-extent-of-online-fraud" Window="New">banks were hiding the true extent of online fraud</Link>, which could be costing UK businesses far more than the official figure of £1.7 billion a year. </Paragraph> <Paragraph>The bank has acted sensibly in this case; as such email-based scams are best stopped by educating the public on the kind of scams used by online fraudsters. </Paragraph> <Paragraph>Most banks still have The Fear when it comes to phishing, so much so that we know of some consumer-focused banks which refuse to send out <Quote>any </Quote>emails to their customers. Now that's prevention...</Paragraph> </FormattedContent> 2007-01-22T10:59:00+00:00 0 1 econsultancy_xml <p> <strong>In what is reported to be the biggest ever online 'heist', Swedish bank Nordea has lost up to $1.1 million (£570,000) to Russian organised criminal using a 'tailor made' Trojan.</strong> </p> <p>Up to 250 of the bank's customers were duped by an email which purported to come from the bank, encouraging <a href="http://www.nordea.com/sitemod/default/portal.aspx?pid=49092">Nordea's</a> customers to download a piece of anti-spam software. </p> <FormattedContent xmlns="http://www.e-consultancy.com/schema/formattedContent/"> <Paragraph> <Emphasis>In what is reported to be the biggest ever online 'heist', Swedish bank Nordea has lost up to $1.1 million (£570,000) to Russian organised criminal using a 'tailor made' Trojan.</Emphasis> </Paragraph> <Paragraph>Up to 250 of the bank's customers were duped by an email which purported to come from the bank, encouraging <Link URL="http://www.nordea.com/sitemod/default/portal.aspx?pid=49092" Window="New">Nordea's</Link> customers to download a piece of anti-spam software. </Paragraph> </FormattedContent> false 740 362516 Swedish bank loses $1.1m to online fraud false 2007-01-22T12:02:00+00:00 swedish-bank-loses-1-1m-to-online-fraud 2009-04-28T22:41:50+01:00 2009-04-28T22:41:50+01:00 205