Over the last two years or so, there has been a huge increase in so called Phishing scams. The best way to avoid such scams is to make sure you start a fresh browser session when logging on to your internet bank, and never follow links to it from emails.
The NOD32 virus-radar project (http://www.virus-radar.com) was originally conceived to report on viruses that are contained in email, but in the year that the system has been running, its usefulness has proven to be far wider.
Over the last two years or so, there has been a huge increase in so called Phishing scams. Phishing scams usually take the form of a counterfeit e-mail message, mass-mailed by criminal hackers, purporting to be from the recipient's bank. These scams try to deceive recipients into disclosing credit card numbers, bank account information and various personal details. The email messages are often very professional, and really look as if they came from a bank, financial institution or an ISP. Usually they demand recipients click on a supplied link, and the text in the message often urges or threatens users to carry out the requested action - often this is under the premise that there has been a problem with their account, and that for security reasons, the email recipient must follow the procedure to make sure their internet banking continues to operate correctly. After clicking the link, the targets are sent to a fraudulent site, which looks just like the institution's web site and are asked for sensitive information. These scams rely on tricking the recipient - using techniques sometimes called "social engineering" - into opening the link, and supplying the requested details.
There are a large variety of these scams that imitate various banks and institutions. The groups behind the "phish" then make a profit from the submitted information collected from the people they managed to trick.
Although these emails are not traditional malware - for instance, there is not normally any enclosed attachment containing a virus - Eset's NOD32 antivirus system has the ability to detect such scams. Because of this, virus-radar will often show when a specific type of fraud is particularly prevalent. Recently, two such fraudulent emails have hit the top ten malware detected by virus-radar. (Figure 1) It's a crime that is clearly successful, as the incidence of new Phishing scams is still on the rise.
The best way to avoid such scams is to make sure you start a fresh browser session when logging on to your internet bank, and never follow links to it from emails. Your bank will never ask you for your details such as passwords by email.
You can keep an eye on the latest malware at http://www.virus-radar.com