Aussies battered by financial attacks

Stephen Withers
Thursday, 29 November 2007 11:28

Your IT - Home IT

Web and email attacks involving Australian financial institutions are increasing.

According to PC Tools subsidiary ThreatFire, the Bankject Trojan is becoming increasingly active.

Bankject targets Australian banking customers by injecting malicious HTML into pages from genuine Internet banking sites, stealing information including passwords, credit card details and ATM PINs. These details are transmitted to the attacker, which can then sell the information on the black market or use it to carry out fraudulent transactions.

"This threat is a reminder to bank customers around the world that you have to be constantly vigilant against online security threats and follow the advice of banks to avoid risks to your security information," said PC Tools senior malware analyst Sergei Shevchenko.

"Every bank customer should have updated anti-virus and anti-spyware software on their personal computer at home to protect themselves."

Bankject apparently originates from Russia.

Meanwhile, a spam campaign purportedly coming from BPay is hitting Australians' email boxes. The message, in broken English, says an attachment is an image of a cheque "for verification of the holder address" and asks for the recipient's signature.

Since BPay is an alternative to paying by cheque, it is hard to see who the culprits hope to fool.

At least some of the emails are being sent through servers in France, but their actual origin is unknown.

tramadol name listing