What is Malware Fraud?
What is a Trojan?
Trojans are a type of malware that like the Trojan horse from ancient Greek mythology, is disguised as a safe programme and designed to fool users into installing the malware. Trojans are hard to detect as they are becoming more sophisticated, constantly changing and remain passive when not in use. Firewalls and anti-virus software help to defend against Trojans but cannot guarantee full protection.
Watch the video below to learn more about Trojans and how to combat them.
Trojan case studies
To help you become more familiar with how Trojans are used by cyber-criminals here are two case studies.
Case study one
A member of staff clicked on an email attachment from a familiar looking sender. On doing so, a Trojan was downloaded into the machine allowing the fraudster to take control of the PC. A few days later (while attempting to log into their banking platform), the staff member was prompted with a pop-up window entitled “Install Shield Wizard Update’ to update the security signing software. On selecting ‘Next’ the user was prompted to enter their smart card and PIN to begin the download, but in doing so, the user had unwittingly approved unseen fraudulent transactions in the background. The fraudster had created the fake “Install Shield Wizard Update” and displayed it to the user, with the online banking screen purposely hidden from view.
Case Study two
Fraudsters use malware to remotely control your external accounts package and edit existing beneficiaries. They then wait for you to complete the below steps.A supplier or salary run is initiated in the accounts package by a genuine user to pay legitimate invoices or salaries. The payment file is created by the accounts package, now using the amended account details of known beneficiaries. The user then imports the file into Barclays.Net and authorises the payments, only checking the file total rather than checking the beneficiary account information.
How can you protect yourself against Trojans?
Being able to protect yourself and your business from Trojans is really important in order to keep your business and customer data safe. Cyber-criminals are using ever more sophisticated ways breach businesses defences to obtain the information that they want, so it is important that you consider the following to help protect against them.
System security considerations
Click on the images below to find out more
Take extra care when opening unexpected emails and do not download any attachments unless you are confident they are safe. If in doubt, check with the sender using verified details.
Run regular anti-virus scans on your systems and devices to check for infections.
If your computer does get infected, disconnect from the network straight away and seek professional assistance.
Keep your firewalls, anti-virus and security software updated, setting updates to auto where possible. Barclays offers Webroot SecureAnywhere security software free to all of our Digital Channels clients. For more information, please visit the Digital Channels Help Centre.
Online Banking Considerations
Ensure that you only use our supported security devices – the PIN pad reader or Biometric reader. These devices are designed to combat against the latest malware threats.
Ensure that your operating system and browser are in line with the requirements set out in our latest hardware and software guide found on the Digital Channels Help Centre.
Remove your smart card from the reader after you have logged out.
We strongly recommend minimum dual transaction approval for making payments, administration changes and use two separate machines for setting up and approving the transaction.
Be wary of pop-ups offering automatic updates or additional verification steps. You will only ever be asked to authenticate yourself with your security device once, and only when you: log in, make a payment, set up templates or make an administrative change.
Never enter your PIN to allow a download, or re-enter your PIN at login or while making a payment.
Ensure you verify the details of all payments before importing a payment file and approving in Barclays.Net – preferably by at least two people.
Enable the beneficiary validation of imported files within the Admin menu under Service Management to validate imported payment files against a pre-authorised library of beneficiaries. If beneficiary account details have been amended, Barclays.Net will reject the file on import. For more information, please refer to Page 2 of the Importing Payments User Guide within the Help section of Barclays.Net.
If you notice anything unusual on your online banking screen, remove your smart card, abandon your banking session and call Barclays immediately on 0330 156 0155.
This is another type of malware, which enables a fraudster to gain control of your system in order to encrypt your files, and then demand a fee to unlock them. Ransomware can be delivered in various ways, predominantly through attachments in authentic looking emails purporting to be from genuine companies.
Ransomware case study
This case study will help you become more familiar with how ransomware is used by cyber-criminals.
Case study 1
A member of staff at a Small Medium Enterprise (SME) opened an email which appeared to be from a recognised sender and clicked on a link that contained malware. The malware infected the computer system and encrypted all files so that no access could be gained by members of staff. The business did not pay the ransom as there was no guarantee that access to their files would be restored and reported this to Action Fraud immediately.
How can you protect yourself against Ransomware?
Being able to protect yourself and your business from ransomware is really important in order to keep your business and customer data safe.
If you suspect you have encountered ransomware, disconnect yourself from the network immediately
If needed for investigation, do not turn off your machine, as this may destroy vital evidence
Ensure you keep important files backed up and stored off your network. It is recommended that you have more than one backup
If your computer has a ransomware infection, we recommend you do not pay the ransom and report it to Action Fraud immediately on 0300 123 2040. You may be able to remove the infection by visiting www.nomoreransom.org.