Malicious software targeting online banking users is evolving and on the rise. These malicious programs are commonly known as Trojans. Malware can find its way onto your computer through spam, phishing emails and malicious websites. Attackers are also targeting users of Social Network sites to spread these malicious programs.

Once they are downloaded, the malware will often place your computer into a network (Bot Net, Bot Network) of infected systems making outbound connections to servers controlled by hackers. Your infected system then downloads additional viruses and malware for the purpose of capturing sensitive information; such as logins to an online banking site. These exploits rely upon your computer being inadequately protected by up-to-date virus protection software.

The "man in the browser" attack is one of the most dangerous techniques used by malware which is similar to a phishing attack. This attack occurs when you use an infected computer to access an online banking site. The malware on your system injects a fraudulent web page into your web browser and modifies the URL in your address bar so that it appears to still be within the online banking site. This may then trick you into believing that the displayed page is legitimate.

The fraudulent page will look very generic and will most likely not have your financial institution's name or logo. For instance the page may appear similar to the following:

Trojan Page Screenshot

Trojan Page Screenshot

If you see a web page similar to the one above while accessing online banking, follow these steps:

  1. Notify Hiway immediately if you submitted your credentials, Credit/ATM Card Number, PIN or any other sensitive information.
  2. Re-install your Operating System or work with a PC specialist or your anti-virus vendor. Remember—if you back up your files, the viruses could be attached or located within them. Make sure you scan these files before moving them to your newly installed system.
  3. Purchase a new anti-virus program or re-install your previous anti-virus program. Make sure you configure the program to check for updates daily.
  4. Make sure your computer is configured with at least two user accounts. The default account has administrator rights. If you use the default account, viruses may be able to modify your system files by using this account. Using an account with basic privileges may help prevent attacks that your anti-virus software has not yet identified.
  5. Use caution when visiting websites, especially Social Networking sites. These sites are primary targets for hackers. Other sites may also be infected by hackers such as free software download sites. If you download a program, picture or some other file make sure to scan it with your anti-virus program before opening or running it. It is always better to save a file downloaded from the internet to your computer first instead of choosing to run or open it right away.

Keep Your Identity Safe

Most anti-virus programs include signatures that can detect and stop these types of Trojans. If your anti-virus program gets outdated or not updated, you will not be protected. It is important to keep your system updated with the latest Operating System and application patches. Use caution when visiting Social Networking sites, free software sites and reading emails. Do not click on links within emails or open attachments from unknown sources.

Are You a Victim of Malware?

If you believe you are the victim of malware and have provided any confidential Hiway account information, please notify us immediately of the scheme by calling 651.291.1515 or 800.899.5626.