Microsoft has provided details surrounding evolving malware targeting online banking access. The malware is being downloaded by consumers via infected links accessed through web surfing or fraudulent emails. Once deployed, the malware waits for a user to attempt to access a financial site and redirects them to a fraudulent page.
The goal of the attack is to capture online banking log in credentials (username and password) as they are being typed in by the user. The user is able to complete their online banking session as usual and is unaware that their information has been compromised. The fraudsters can then use the online banking credentials to obtain personal information and make fraudulent transactions.
It is estimated that this attack has already reached over 1 million computer systems and it is spreading quickly. It is also believed that this malware is evading traditional anti-virus protection software.
How can you protect your online banking credentials?
• Always verify that you are accessing the correct URL address for your financial sites. It may be helpful to bookmark these sites to your favorites list to ensure you are always accessing the correct address.
• Be alert to any discrepancies in your online banking session, such as an incorrect security image or unusual pop-ups. If you notice anything unusual, do not proceed with entering your online banking credentials and immediately notify your financial institution.
• Choose strong passwords that are at least 8 digits in length, include letters, numbers and characters and that do not include words commonly found in the dictionary or names, addresses or other information that could easily be guessed about you.
• Use unique passwords for your online banking accounts. Fraudsters often target online merchant and social networking sites in an attempt to obtain username and password combinations with the goal of testing these log in credentials on financial and payment sites.
What can you do to prevent malware?
• If you receive a suspicious or unsolicited email, do not click on any links, images or buttons. Doing so could deploy malware to your computer.
• When performing web searches, always “Stop. Think. Click.” Verify that the link you are accessing is associated with a reputable site before clicking on it.
• Download and maintain a reputable, current anti-virus software for your computer.
• Download and install the latest security updates for your operating system, web browser and any applications you use.
As new viruses and scams are developed daily, we advise that you take steps to ensure your computer and network are secure before entering any personal or financial information online. At Meredith Village Savings Bank, we strive to provide the safest online banking experience to you; however, the majority of threats, such as the attack described in this alert, are targeted directly at the online banking user and aim to exploit vulnerable computer systems and weak log in credentials. Your vigilance is imperative in ensuring that your online banking experience is as secure as possible.
Please be alert to any suspicious activity surrounding your access to NetTeller Online Banking and notify us immediately if you believe your online banking credentials or account information have been compromised. If you have any questions or concerns, please contact us in the way that is most convenient.