New Internet Threats Target Millions Engaged in Banking Online

BOULDER, Colo., Aug. 27 /PRNewswire/ -- An estimated 98 million Americans bank
online, thanks to Web-based bill-paying, money transfers and other activities
made possible by financial institutions and service providers. The convenience
of completing these tasks at home helps simplify hectic schedules and provides
customers with 24-hour account access. 

(Photo:  http://www.newscom.com/cgi-bin/prnh/20090827/NYFNSF01)

Although financial institutions have security measures in place to protect
their customers, cybercriminals have devised ways to circumvent some of these
security devices. One tactic is to attack a bank customer's computer with a
technique called keystroke logging (or just keylogging), which puts both your
identity and your finances at risk.

Internet security firm Webroot reports that cybercriminals are churning out
new variants of malware programs designed to log keystrokes at an increasing
rate. One such program is called Zbot, which can activate while the owner of
an infected PC is browsing a financial institution's Web site. In recent
months, Webroot's Threat Research Lab has detected a steady increase in the
incidents of Zbot. The program - and others like it - can not only record what
a person types, such as the bank account username and password, but can also
steal the responses to "security questions" the bank might ask. Some versions
of Zbot can take pictures of the screen whenever the bank customer clicks his
mouse, which defeats even "soft" on-screen keyboards that some banks use
specifically to thwart keyloggers.

"Online banking sites are tempting and potentially very lucrative channels for
cybercriminals to target a great mass of people," said Mike Kronenberg, chief
technology officer for Webroot's consumer security division. "We're seeing
malware authors rapidly update their banking Trojan programs in an effort to
avoid detection by Internet security solutions. This means consumers need to
stay on top of protecting themselves online."

Kronenberg recommends three key steps for protecting your personal finances
and your identity online: 

Be Protected: Make sure you have a reputable antispyware and antivirus program
installed on your computer. Be careful when doing searches for "free"
antivirus software because the results are often decoys that have malicious
programming built in to them.

Stay Protected: Suppress the urge to hit the ignore button when you get those
pesky reminders asking if you would like to check for updates. By having the
most up-to-date software for both your operating system (like Windows or
Linux) and your antispyware and antivirus program, you get the highest level
of security. 

Diversity is key: Would you ever use the same key for your car, office and
your home? Although it may seem simplest to just use the same password for all
your online accounts, it is perhaps the riskiest thing you can do to open
yourself up to identity theft. If just one of your accounts is hacked it opens
the door for the thief to gain access to all of them. 


SOURCE  Webroot Software

MacLean Guthrie of Webroot Software, +1-720-842-3164