In what is reported to be the biggest ever online 'heist', Swedish bank Nordea has lost up to $1.1 million (£570,000) to Russian organised criminal using a 'tailor made' Trojan.

Up to 250 of the bank's customers were duped by an email which purported to come from the bank, encouraging Nordea's customers to download a piece of anti-spam software.

This software was in fact a Trojan, called, which was used to direct customers to a fake bank login page and record their keystrokes. Customers were then given a message telling them that the bank's site was experiencing technical difficulties.

According to the Swedish police, these stolen details were sent to servers in the US, and then on to Russia.

Most banks attempt to combat fraud by monitoring large transactions, but in this case, by using a large number of small transactions over a period of several months, the phishers were able to get past the bank's security measures.

It is unusual for banks to admit fraud on such a scale, as they are often fearful of damaging their reputations and affecting the confidence levels of their customers.

Back in December, a senior police officer told a Commons committee that banks were hiding the true extent of online fraud, which could be costing UK businesses far more than the official figure of £1.7 billion a year.

The bank has acted sensibly in this case; as such email-based scams are best stopped by educating the public on the kind of scams used by online fraudsters.

Most banks still have The Fear when it comes to phishing, so much so that we know of some consumer-focused banks which refuse to send out any emails to their customers. Now that's prevention...

Graham Charlton

Published 22 January, 2007 by Graham Charlton

Graham Charlton is the former Editor-in-Chief at Econsultancy. Follow him on Twitter or connect via Linkedin or Google+

2565 more posts from this author

You might be interested in

Comments (0)

Save or Cancel

Enjoying this article?

Get more just like this, delivered to your inbox.

Keep up to date with the latest analysis, inspiration and learning from the Econsultancy blog with our free Digital Pulse newsletter. You will receive a hand-picked digest of the latest and greatest articles, as well as snippets of new market data, best practice guides and trends research.