Banker trojans and phishing threat to Christmas shoppers

Banker trojans and phishing are the most likely threats that online shoppers face this holiday season. However, the potential dangers will not be a major deterrent to this Christmas’s online shopping spree, Panda Security reported.

High street mayhem and long queues create frustration amongst last minute buyers, who naturally turn towards online shopping to ease the purchasing process.

Forecasts for UK internet sales have been raised from GBP 40.2 bln to 53.3 bln, 76% higher than the GBP 30.2 bln recorded for 2006, much to the delight of cyber-crooks whose fraud activity in 2006 caused the loss on average of GBP 4,566 per victim.

“Use of the Internet is at its peak during the Christmas period, when people are making millions of online purchases. For criminals it is the perfect opportunity for phishing and fraud activity on spoof auction pages or online stores,” said Dominic Hoskins, Panda Security UK.

Phishing targets Internet users with emails that simulate to come from a banking entity or an online purchase service. Although this operates on the fairly basic presumption that users will fall for the trick and give away their banking details, it proves to be quite effective in the wake of many online purchases made at the same time.

“Christmas absent-mindedness tends to engulf buyers, who can lose count of the number of purchases they have made, get confused and end up vulnerable to making mistakes,” Hoskins added.

The most common fraud activity expected this Christmas will be associated with Banker trojans. The majority of trojans will try to re-direct users to spoof websites at the time of making a purchase.

Banker trojans are designed to intercept access to bank websites and steal the information entered on visited pages such as account numbers, credit card numbers, PINs or passwords. Trojans will gather this information and send it to the creator to be used, or often sold, for all types of e- crime, from stealing money to identity theft.

Panda Security warns that the reputation of an online banking service or a payment platform such as PayPal will certainly be reassuring during a purchase but a long buying process, going from one webpage to another, can effectively disarm the buyer’s attention and allow trojans to capture keystrokes and steal confidential data. Hijacking brand names of banks, e-retailers and credit card companies, phishers often convince recipients to respond.

Banker trojans accounted for 18.59% of malware infections in 2007 and 24.10% of all infections were caused by trojans.