Experts at Sophos have warned computer users about Trojan horses that try to fool users of a number of banks into entering their account details.

The Troj/Banker-AR Trojan horse and Troj/Banker-K Trojan horse are designed to steal information from users of a number of Brazilian online banks.

Once a computer is infected with one of the Trojans internet activity is monitored, and if it is determined that the computer user is visiting one of a number of Brazilian banking websites a fake login page is displayed.

"The fake forms popped up by the Trojan horses are intended to steal confidential login information such as account numbers and passwords," said Graham Cluley, senior technology consultant for Sophos. "Unlike traditional 'phishing' attacks the way these Trojan horses work means that the user can have their credentials stolen even if they have visited a legitimate banking site. It's not the website that tricks them, but the Trojan horse working in the background."

Although these particular Trojan horses only target users of Brazilian banks, Sophos warns that computer criminals can easily adapt the trick for use against any website.

"All computer users should be running an up-to-date anti-virus as well as protecting their PC with firewall technology. This, combined with the safe computing practice of exercising caution over what you choose to run on your computer, can dramatically reduce the risks of these kind of attacks," continued Cluley.


Source : Sophos