Cyber attack warning after millions stolen from UK bank accounts

Simon · Oct 13, 2015, 22:58:31

Britain's top crime agency has warned internet users to protect themselves against cyber attacks that have seen fraudsters steal millions of pounds from UK bank accounts.

The National Crime Agency (NCA) said a virus is being used by hackers to harvest online banking details and gain access to accounts across the country.

Dridex malware has been developed by technically skilled cyber criminals, with UK losses estimated to run to £20m.

http://www.theguardian.com/technology/2015/oct/13/nca-in-safety-warning-after-millions-stolen-from-uk-bank-accounts

gizmo71 · Oct 14, 2015, 07:14:32

It does beg the question why don't banks use or at least offer two factor authentication - RFC 6238 is well supported, there really isn't any excuse for continuing to use easily captured passwords.

It also emphasizes how stupid it was for Microsoft to allow scripts to be put in documents...

nowster · Oct 14, 2015, 09:25:16

Many do! For new payees I need to get out my debit card and put it into an external reader, feed in my PIN, the payee account number and the amount. It then spits out a 6 digit value (which only seems to vary in the last 5 digits) which I then have to type into the website.

armadillo · Oct 14, 2015, 14:09:42

The most significant factor in this exploit is, as usual, human weakness. Banks will never send documents in an unsolicited email. This exploit requires the victim to open a document so received. Such documents can only be malicious. No amount of extra password security, card readers or any other technology would mitigate this or similar exploits.

In fact, I believe that increased technical security measures might actually increase general vulnerability. As it becomes more difficult to exploit technical flaws, criminals focus more on the unprotected weak link, the human.

Simon · Oct 14, 2015, 14:37:23

Sadly, we probably all know people who could fall victim to this. I have a friend who now forwards me any email attachments she receives, for me to determine whether they are safe!

zappaDPJ · Oct 14, 2015, 16:25:24

There was a time when thought I could spot a malicious email but I've got it wrong twice now and managed to infect my PC both times. The first email that got me was from a tiny, local charity that I devote time to. They sent me an invoice as an attachment which I thought was a little odd but everything looked legit so I opened it. The second appeared to be a spreadsheet from my daughter in her full name, from her email address.

As far as I'm concerned email is a useless tool now. I get hundreds every week and never read any of them.

colirv · Oct 14, 2015, 17:49:35

These attachments that infected your PC - were they opened in MS Office, and if so do you have macros permanently disabled?

zappaDPJ · Oct 14, 2015, 18:37:45

Quote from: colirv on Oct 14, 2015, 17:49:35
These attachments that infected your PC - were they opened in MS Office, and if so do you have macros permanently disabled?

As far as I recall one was a Word document which was opened in Outlook while the other was an Excel sheet opened directly from Excel. I usually get a warning in Excel if a macro tries to run but I don't recall disabling them.

colirv · Oct 14, 2015, 21:46:22

Quote from: zappaDPJ on Oct 14, 2015, 18:37:45
I usually get a warning in Excel if a macro tries to run but I don't recall disabling them.

They should be disabled by default. Easy enough to check - maybe Options/Trust Center Settings/Macro Settings.

zappaDPJ · Oct 14, 2015, 21:55:37

Quote from: colirv on Oct 14, 2015, 21:46:22
They should be disabled by default. Easy enough to check - maybe Options/Trust Center Settings/Macro Settings.

They are set to disabled with notification.

Technical Ben · Oct 16, 2015, 20:40:26

Quote from: armadillo on Oct 14, 2015, 14:09:42
The most significant factor in this exploit is, as usual, human weakness. Banks will never send documents in an unsolicited email. This exploit requires the victim to open a document so received. Such documents can only be malicious. No amount of extra password security, card readers or any other technology would mitigate this or similar exploits.

In fact, I believe that increased technical security measures might actually increase general vulnerability. As it becomes more difficult to exploit technical flaws, criminals focus more on the unprotected weak link, the human.

This. I might get friends, family and neighbours to sign a disclaimer stating that "If Microsoft or BT phone asking me to install a 'helper tool' I will not do it". With the small print that if they do, I'm declaring myself "closed" and "retired" from any assistance calls from them...

... yes, guess what I'm doing this weekend.