Monday, January 9, 2012

SpyEye Trojan Horse and something on Secure Online Transactions

Do you transact online? Do you book cinema and railway tickets through e-transactions? Do you make e-transfers of funds, or pay your telephone and electricity bills online? Do you download films, programmes, books and games from the Web by making online payments?


Most of us do, and e-commerce has grown by leaps and bounds over the years. Recently there was a news item that actress Sameera Reddy had her bank account hacked, and that the miscreant in fact called her to tell her so and offered her some advice as well! TOI, quoting the actress, said that the hacker had called from the US and that upon checking she realized that approximately 4 lakhs had been withdrawn without her knowledge. The hacker had told her he had watched and enjoyed her movies. Having a fan from overseas – would that have made Sameera happy?


There is something known as a ‘secure connection’, denoted by https:// - Hypertext Transfer Protocol with Secure Sockets Layer. A secure connection is an encrypted exchange of information between the website you are visiting and Internet Explorer. Encryption is provided through a document the website provides called a certificate. Even if the connection between your computer and the website is encrypted, it does not guarantee that the website is trustworthy. Your privacy can still be compromised by the way the website uses or distributes your information. In Internet Explorer, you will see a lock icon in the Security Status bar. The Security Status bar is located on the right side of the Address bar. The certificate that is used to encrypt the connection also contains information about the identity of the website owner or organization. You can click the lock to view the identity of the website.

Again, a secure (encrypted) connection is not a guarantee that the website is safe to use. A secure connection only assures you of the identity of the website, based on the information provided by the certifying organization. You should only consider giving personal information to a website that you know and trust.


Within our country, to minimize online transaction frauds, RBI has formulated guidelines that both credit and debit card holders have to validate their identity while performing an online transaction. There are multiple ways through which identity validation can be done. One option is to send a transaction code as an SMS to the user’s mobile on each transaction, using which the transaction can be completed. Another option is to provide users with a code generator device. Some banks provide a digital code generator which has to be used for any online transaction. Some use an image and text to validate the user, which have to be configured at the time of net banking registration.


With all this, it is believed that it would be difficult for a hacker to gain access to everything, including the username, password, and mobile phone or code generator.


Some have the habit of frequently checking their accounts online, and they can perhaps verify whether there is any suspicious activity or fraudulent attempt to access their accounts. Now there is a report of a PC virus that doesn't just steal your money - it creates fake online bank statements so that the user would not even know that their money has already vanished into thin air!


The news tells of new SpyEye 'trojan horse' software that steals your card details - then, when you log into your online bank, it adjusts your balance so you don't realise anything is wrong. It's already been found in the U.S. and the UK. When an account is so hacked, there would not even be a trace of the transactions that cyber-criminals are using to empty your bank account; worse still, the balance would also be adjusted on screen so as to look as if nothing had happened. And that would give the thieves more time to use the debit card details for more transactions, till you realize that everything is gone!


So hackers are not only stealthily grabbing the password and login info from the web browser but also showing you a screen different from what it actually is! It is stated that the new Trojan, instead of intercepting or diverting email messages, hides bogus transactions even after users have logged out and then logged back into their accounts. One of the measures to take would be switching the 'anti-phishing' option 'on' in Firefox, Chrome or Internet Explorer, which will check for 'blacklisted' websites and prevent your browser being directed to the 'fake' version that delivers your bank statement.


The purpose of this post is not to rattle you into keeping away from online transactions, but only to warn you of the possible traps that could lie ahead.


With regards – S. Sampathkumar.
