The Tofger series of Trojan horses target users of a number of popular UK online banks, including Abbey, Barclays, Cahoot, HSBC, Lloyds, NatWest, Nationwide, and Woolwich.
According to security firm Sophos, the latest version of the Trojan, Tofger-BG, runs in the background of infected PCs, monitoring which websites are being visited. If it recognises an online banking website, it secretly captures keypresses and takes snapshots of what is displayed on the user's monitor. This information is then sent back to remote hackers, who can use the captured data to break into bank accounts and steal money.
"This is very different from the fraudulent emails which many computer users receive everyday, trying to lure you to a bogus website. This Trojan waits for the customer to visit the real banking website, and then it captures passwords and account information making robbery a breeze," said Graham Cluley, senior technology consultant for Sophos.
Cluley recommended that companies protect their email with a consolidated solution to thwart the virus and spam threats as well as secure their desktop and servers with automatically updated anti-virus protection.