Some Internet banking customers here in Singapore have been affected by a spyware programme that infects computers to steal online banking passwords, reported the Straits Times.
The Association of Banks in Singapore (ABS) has issued a warning that there have been a ‘few cases’ of customers whose computers were infected by the SpyEye malware.
Users who visit infected websites, open infected e-mail messages or download unknown files containing the malware from social networking websites unknowingly download the malware.
The next time these users login to their banks’ website, they will see a popup banner with the following message: ‘We are checking your security settings. Please wait 1-10 minutes. Please be patient don’t close and reload the page while we are checking the information.’
ABS warned that this is the most recognisable manifestation of the malware, which means the user’s credentials are being stolen.
There may also be more prompts for an additional one-time password (OTP), which may be sent either to the user’s mobile phone, or through a security token issued by the bank.
Users are warned not to type the OTP if it’s on the same page as the entry forms for the user name and password. Legitimate banking website will ask for the OTP on a separate page, after the user name and password have been entered.
Article source: http://www.asiaone.com/News/AsiaOne+News/Singapore/Story/A1Story20110929-302273.html
View full post on National Cyber Security » Spyware/ Cyber Snooping
