Spam, scams and cyber-crooks

This extremely nasty PC virus steals your online login details and then cleans out your accounts. Here's how to keep your money safe online.

When you go online and onto the World Wide Web, your PC (or Mac) joins a network of hundreds of millions of computers. In effect, your PC becomes a single node in a massive spider web of technology spanning the entire globe.

Just as in the real world, unsafe and reckless acts can lead to unwanted infections. Therefore, you need to exercise self-control when surfing. Alas, one careless click on a nasty link, website or email could lead to you losing much, much more than the contents of your hard drive...

Crack down on Clampi

One dangerous PC virus currently doing the rounds is Clampi, the code for which lurks in many websites and spam (unwanted) emails. Although varieties of this Trojan virus have been circulating for four years, the latest version is notably nastier.

Your machine is mostly likely to be infected by Clampi when you visit a dodgy website or click on a link in a spam email. Once aboard, Clampi works away unnoticed in the background, stealthily recording your online-banking details. The big deal about Clampi is that it captures usernames and passwords for over 4,500 different financial websites, including all the UK's major high-street names.

Thus, when you sign into your online bank, building society, credit card, share-dealing or savings account using an infected computer, Clampi grabs your personal data. This information is then transmitted to the crooks who designed this virus. They immediately set to work, plundering your online accounts for every last penny.

Businesses beware!

In recent days, online-security firms have warned that the number of PCs infected by Clampi is on the increase, especially in the UK and US. Security firm Symantec estimates than over a thousand UK users have been infected by Clampi, but is merely the tip of the iceberg.

Already, there have been some high-profile frauds. As well as individuals, small businesses and government departments have come under attack. For example, one school district in Pennsylvania, USA, had nearly $705,000 transferred out of its bank accounts. The Western Beaver School District is now suing its bank, ESB Financial, for the $441,000 which it was unable to claw back.

Twelve tips to stay secure online

1. The good news is that Clampi exploits a weakness in Microsoft Windows, so it does not infect Apple Macs or PCs using other operating systems. (Mac users are tremendously proud of their low infection rate, as only two viruses target Mac OS X.)

2. Thus, by switching from Windows to an open-source OS such as Linux or Ubuntu, you can avoid all malicious software which targets Windows flaws. It would be wise to consult your local computer guru before going down this route.

3. To protect your PC from viruses, Trojans and other malware (nasty programs), get into the habit of running a reliable anti-virus program at least once a week. My favourite is AVG Free.

4. Use Windows Update to keep Windows and Microsoft Office up to date. Also, check other programs for vulnerabilities by using the excellent Secunia Personal Software Inspector.

5. Don't open suspicious emails from unknown senders, as they may well contain malicious code or weblinks -- and use a spam filter. The same goes for instant messages from strangers.

6. Be careful what personal information you reveal on social-networking websites such as Facebook, MySpace and so on. Being too open could leave you open to cyber-fraud.

7. Be vigilant when you're off the beaten track or visiting non-mainstream websites. For example, cyber-criminals often hide viruses within pornography, gambling and dodgy pharmaceutical websites.

8. Ask your bank whether it provides 'hardware token authenticators' which add another layer of protection. For example, my business bank account comes with an RSA SecurID token generator, which produces a unique six-digit passcode every 60 seconds which is uncrackable to outsiders.

9. Use only 100% secure PCs to access your online-banking accounts. Generally, this means your home PC or laptop. In addition, be suspicious of work-based PCs and never use public PCs to access any online accounts.

10. If you suspect that your PC has been infected, then change your passwords immediately by telephone your bank's fraud helpline. Do not use your PC until you are sure that it has been properly disinfected, as viruses have a nasty habit of coming back.

11. Always pay for online purchases using a credit card, as you enjoy the legal protection of Section 75 of the Consumer Credit Act. You do not have these rights when paying by debit card.

12. For more advice, visit the Get Safe Online and Bank Safe Online websites.

More: Find a superior savings account | Twelve tips to keep you safe online | How to spot a scam

Comments


View Comments

Share the love