Treasurer urges Oregonians to be cautious when engaging in online financial transactions
— Recent disruptions and Trojan attacks highlight advanced techniques being used by data thieves
By Oregon State Treasurer
SALEM – If you knew a thief was lurking near your bank, you’d be especially careful — and you certainly wouldn’t leave money and your vital financial data out in the open, correct? But what if thieves were able to trespass electronically into your computer, or even your mobile phone? That’s an increasingly common risk as cyberthieves utilize increasingly sophisticated techniques, and it is putting personal financial data and your money at risk, state Treasurer Ted Wheeler is warning.
Among disturbing recent developments is a new virus known as a “ZeuS Banking Trojan,” which steals financial data from infected computers. Computer security experts say thieves are able to purchase the insidious software for as little as $3,000.
“More people than ever are banking online, but you need to be diligent and watch for warning signs that your computer or mobile device is infected,” said State Treasurer Ted Wheeler. “When it comes to your money and your financial data, you can never be too careful.”
Individuals are not the only ones at risk. Financial institutions and corporations are experiencing an exponential increase in online attacks from an array of programs – some of those successful — and not all of those incidents are as well-publicized as recently disclosed data breaches at Citigroup Inc. and the Sony Corp. PlayStation Network.
The program known as the ZeuS Trojan is also called a “Man-in-the-Browser,” and is designed to intercept data as is passes over a secure communication between a user and an online site. A Trojan is a program that masquerades as something desirable, often with the filename of a legitimate program. The Trojan hides in the user’s browser software and is programmed to activate when a user visits certain Internet sites, such as a bank portal.
Cyberthieves are creative in their attempts to trick you into installing the software on your computer. Last week, reports surfaced that users online are seeing a bogus connect request that appears to be from social media site LinkedIn. Clicking the “confirm” button will download a version of the ZeuS Trojan.
The Oregon State Treasury also frequently repels attempted online intrusions, many of them from overseas, and as a result carefully monitors global Internet traffic and trends in viruses used for data theft, known as malware and crimeware.
The activity is tracked by the Treasury’s Information Services department, which is on the front lines when it comes to protecting the finances of the state and local government clients.
Wheeler said computer users need to take utmost care to avoid getting their machines and mobile devices infected, to never download programs from untrusted Web sites, and to watch for clues that an intruder has already breached your firewall. In addition, keep close tabs on your financial accounts to ensure there is no unauthorized activity.
One warning: A problem with Trojan programs is that they hide so well, they can be difficult to detect until it is too late – even by antivirus scanners. That said, computer security experts strongly recommend that you ensure your antivirus software is up-to-date, and update it daily. Security software for mobile devices is an often overlooked way to help protect personal data.
Then, experts advise that you remain continually wary and never download programs onto your computer or mobile device that you do not completely trust.
The Oregon State Treasury protects public assets and saves Oregonians money through its investment, banking, and debt management functions. The office also promotes public outreach and education to help Oregonians learn strategies to save money, invest for college and make smart financial choices.