Helsinki, 21 November 2007 - F-Secure warns computer users of an upsurge in attacks against banking sites, targeting personal user data. These attacks use a new generation of malicious codes, in a technique called "Man in the Browser".
Historically, cyber criminals have always sought ways of
stealing the personal and banking data of web users. The techniques
used by these criminals have become more sophisticated, in order to
adapt in turn to the growing sophistication of the security
solutions. It started with software that was capable of retrieving
the data typed into the computer keyboard ("keyloggers"), and then
more complex mechanisms arrived on the scene, such as phishing and
pharming. Phishing uses emails that the sender disguises to look as
if they come from a financial establishment. When the web user
clicks on the link contained in the mail, he finds himself on a
bogus site that imitates that of his bank, and which retrieves his
personal banking data.
Pharming consists in automatically redirecting the web user to a
false site (imitating the site of his bank) when the user wishes to
visit the real site, but without the user having to click on a link
of any kind, since the usurping of the address takes place at
Internet level. The "Man in the Middle" technique consists in the
cyber criminal pretending to be the bank's site, intercepting the
data passed by the user, and then using that data to access the
real bank site to gain access to the account.
The latest technique used for these attacks is known as "Man in
the Browser". Once the PC has been infected, the malicious code is
only triggered when the web user visits his online bank site. This
type of malware is capable of retrieving the information (login and
password) that is entered by the web user on the real web page of
the bank site by intercepting the HTML code on his web browser.
This personal data is then sent directly to an FTP site where the
cyber criminal stores it, before selling it on to the highest
bidder on other web sites used by cyber-criminals.
Security products using behavioral analysis are the best
solution against such attacks, as the malicious codes are designed
specifically for certain banking sites. They are not distributed en
masse, unlike attacks using phishing, for example. This restricted
distribution constitutes a real challenge for security software
publishers when it comes to referencing these viruses and using
signature recognition.
"With the enhancements that banks have deployed in terms of
authentication security on their online banking sites, phishing
attacks are becoming less and less effective, and attacks of the
'Man in the Browser' type are set to increase," says Mikko
Hypponen, the Chief Research Officer at F-Secure.
F-Secure security solutions feature behavioral analysis, the
dedicated F-Secure Deepguard engine being an example of this.
For further information about F-Secure solutions, please go to:
www.f-secure.com
About F-Secure Corporation
F-Secure Corporation protects consumers and businesses against
computer viruses and other threats from the Internet and mobile
networks. F-Secure's award-winning solutions are available as a
service subscription through more than 150 Internet service
providers and mobile operator partners around the world, making
F-Secure the global leader in this market. The solutions are also
available as licensed products through thousands of resellers
globally.
F-Secure has received the Frost & Sullivan 2007 award for
Distribution Strategy Leadership. The company aspires to be the
most reliable security provider, helping make computer and
smartphone user's networked lives safe and easy. This is
substantiated by the company's independently proven ability to
respond faster to new threats than its main competitors. Founded in
1988 and headquartered in Finland, F-Secure has been listed on the
OMX Nordic Exchange Helsinki since 1999. The company has
consistently been one of the fastest growing publicly listed
companies in the industry. The latest news on real-time virus
threat scenarios is available at the F-Secure Data Security Lab
weblog at
http://www.f-secure.com/weblog/ .
For more information, please contact:
F-Secure Corporation
Henrietta Malmari, Corporate Communicator
Tel. +358 9 2520 5315
Email: firstname.lastname@f-secure.com
