Organised crime syndicates are using the internet to steal money from unsuspecting customers of online banking. Some of the software being developed by the criminals is worryingly effective. For example, take the case of one program that was used to steal money from almost 10,000 accounts.

The trojan software spreads via a malicious email attachment. Click on the attachment, and a program gets installed on your computer which routes all your internet traffic through the hackers' server which happens to be on the anonymous Tor network. So although it appears that you're talking to your bank's web site, you're actually connected to the hackers' server which is doing a fine job of impersonating the bank. Except that it's also capturing all the usernames and passwords that you enter.

Security experts always advise that you never type confidential data such as banking passwords into a web site unless that site is using encryption, which will be obvious because of the padlock symbol on your browser and the https:// (the s stands for secure) at the start of the web address. But the hackers managed to find a way around this, by using the trojan software to install a "rogue certificate" file on the victims' computers. A certificate tells a computer which servers and sites to trust. So when you see the https:// and the padlock symbol, this is merely showing you that your computer has been persuaded to trust the criminals' fake bank website.

Sigcheck, a free utility from SysInternals, will scan your PC and look for suspicious certificate files that have been installed. If it finds any, you can then uninstall them via standard means within Windows. Read More