Researchers are tracking a spike in banking trojan Shylock infections.
Zscaler's ThreatLabZ researcher Chris Mannon told SC fraudsters were using variants of the malware, also known as Caphaw, to target users' online banking credentials at 24 banks around the world.
Victims were primarily in Europe and included a published list of financial institutions continually targeted by saboteurs.
Several US banks including Bank of America, Wells Fargo Bank, First Citizens Bank, Capital One and Chase were named. Australian banks were not targeted.
Shylock is likely delivered as part of a crimeware kit which exploits vulnerable versions of Java, Zscaler found.