Trojan Automates Phishing Scam
Online banking customers should be wary of a new series of Trojan horses out to filch financial information, said a security firm Monday.
The Tolger line of Trojan horses, said U.K.-based Sophos, target online users of a slew of British-based banks, including users Barclays, HSBC, Lloyds, and Nationwide.
Unlike phishing attacks, which come in singly as individual e-mails, one the Tolger Trojan infects a system, it sits invisibly in the background, monitors which Web sites are put on the browser, and if it recognizes one as an online banking site it ambushes the user by capturing keystrokes and snapping screen shots.
Periodically, that information is packaged and sent to a remote server controlled by the attacker.
“This is very different from the fraudulent e-mails which many computer users receive everyday, trying to lure you to a bogus Web site,” said Graham Cluley, senior technology consultant for Sophos in a statement. “This Trojan waits for the customer to visit the real banking site, and then it captures passwords and account information making robbery a breeze."
Although Tolger watches for British bank access, the technique could easily be used to nab account information from U.S. institutions, which have also been the frequent target of phishing scams.
