Web security company Trusteer have revealed details of an unprecedented online scam targeting internet-banking customers

Banks targeted by 'mind-boggling' online scam

Britain's major banks have been targeted in a "mind-boggling" online scam potentially affecting record numbers of customers.

The sophisticated fraud has been so carefully orchestrated that it is almost impossible for even the most security-conscious clients to detect when they access their accounts.

Web security company Trusteer said it was impossible to estimate the financial impact of the scheme but warned the "very serious" cyber assault could have an unprecedented reach and cause widespread damage.

It is unclear which banks have been singled out by the hackers but the attack is said to affect "quite a few" major establishments.

Etay Maor, fraud prevention solutions manager at Trusteer, said those behind the latest breach had devised an "unbelievable" technique to defraud bank clients when they log on using malware that remains idle until a user accesses an online bank account.

The Ramnit malware then asks the customer to enter a one-time password, using a message created to appear as if it were sent from the bank, before it diverts funds from a customer's account.

Unlike previous attacks of its kind, the Ramnit authors have taken an extra step and doctored the banks' FAQ sections to reassure suspicious clients that the instructions they receive are legitimate.

Maor says: "It is mind-boggling. They even modify the language in the FAQ section to support the new procedure.

"I don't like giving credit to bad guys but they have done their job very well. They are trying to cover every aspect to ensure the user falls victim to the scam. To go into the FAQ section, it's unbelievable."

The scam is believed to have been launched a couple of weeks ago and it is unclear where those behind it are based.

Maor said the attack could be stopped using specially-designed software which can detect and kill the malware.

"This has the potential to affect more people than any other attack and even those people who are security aware and those people who go to check the FAQ will still fall victim to this. That is what is concerning about it,” says Maor.

"Technically speaking, this is not very difficult to do but nobody has done it before. It isn't the most sophisticated attack out there but it's a whole new level of social engineering."

Recent articles

Info Message

Our sites use cookies to support some functionality, and to collect anonymous user data.

Learn more about IET cookies and how to control them