online banking theft

system · 2007-09-04T11:51:59.000Z

Dear Avasties,

I recently read of theft of E 1.1 million from users of online banking. This was achieved I think by spyware stealing login/password details. Does Avast Home scan for/help prevent this type of evil?
Online transactions of almost any type are my main source of internet unease. I’m a new user of Avast, and am unsure what the program’s capabilities are, as names like “Webshield”, “Standard Shield” etc don’t exactly tell me what these components are. For example, is any of these a firewall ?, does Avast pick up spyware?

Thanks for the program, & this forum

Lisandro · 2007-09-04T12:06:32.000Z

avast detects quite some phishing malware.
Although, it won’t be bad if you have other tools (like AVG antispyware) in your computer too.
WebShield is a protection on-the-fly that scans http (Internet) traffic even before any file is saved in your computer.
Standard Shield is the resident (file) protection of avast.
avast is not a suite, it does not act as a firewall. Try Comodo, PCTools or ZoneAlarm firewalls.

DavidR · 2007-09-04T12:31:05.000Z

These thefts (user name and passwords) are more likely to come from phishing attacks where you get a nice email telling you that your security may have been compromised or you need to complete a security update, etc. etc. and you need to go to the web site to complete the form, etc. When you get their you will have to log-in with your user name and password and bingo it is stolen, now you are in danger of theft of funds and or identity later.

So the moral is don’t click links in unsolicited emails to visit your bank, etc. open your browser and type in your bank’s URL as you won’t be aware that the URL in an email could be displaying a different URL to what you end up at.

avast is an anti-virus and nothing in what has been outlined would be covered by an anti-virus application.

Check out this topic, http://forum.avast.com/index.php?topic=30249.0 for an extension you can check URLs in your Thunderbird (email program) before visiting them, this is only malware checks but it is a step in the right direction.

Another step if using a browser that has an anti-phishing filter built in, IE7 has and so does Firefox, I believe the firefox one is the better of the two (firefox I feel is the more secure browser), they aren’t perfect but another step in the right direction.

You can also pre scan link s with McAfee SiteAdvisor, another security extension for firefox and this checks the security of the site.

system · 2007-09-04T12:52:59.000Z

Thanks Tech & David for replies. David, I’m not asking about those “security alert” email/fake bank website type info-stealing scams, where the victim is fooled into giving away their idetails, but instead about bits of nasty code picked up in emails, by clicking onto thingies in a website, or sneaking in with free software.
In the report I mentioned (in New Scientist) the thefts were apparently accomplished by malware embedded in a free anti-spam filter (not very free, as it turned out).

system · 2007-09-04T14:20:53.000Z

To be honest RCB, anti virus software can only protect you so much. Your best bet is to find out what sort of security measures your bank can offer you. A general rule I follow is to never hook up your main account with debit or credit access. Setup a separate ‘everyday’ account that you place only limited funds into (enough for general bills or any purchase you wish to make) and transfer money into it via phone banking.

No software product alone can protect you completely…

system · 2007-09-04T14:29:53.000Z

ross post:5:

To be honest RCB, anti virus software can only protect you so much. Your best bet is to find out what sort of security measures your bank can offer you. A general rule I follow is to never hook up your main account with debit or credit access. Setup a separate ‘everyday’ account that you place only limited funds into (enough for general bills or any purchase you wish to make) and transfer money into it via phone banking.

No software product alone can protect you completely…

Right you are. This can’t be stressed enough. The company that you deal with is also responsible to help keep you secure as you yourself are. Both working hand and hand…that’s the key.

You also have to make sure you stay as smart and as business savy as you can. Keep up with all of the great security features that are being offered to tighten up your pc.

You should also question your financial institutions when you are in doubt of the amount of security they have for your accounts…it’s important that you do. Call them or stop in and ask as many questions as you want…it’s your money…your life.

It’s not just firewalls…antivirus software…spyware removers as such. It’s everything inbetween that will help you to try to stay as secure as you possibly can.

DavidR · 2007-09-04T14:54:00.000Z

RCB post:4:

Thanks Tech & David for replies. David, I’m not asking about those “security alert” email/fake bank website type info-stealing scams, where the victim is fooled into giving away their idetails, but instead about bits of nasty code picked up in emails, by clicking onto thingies in a website, or sneaking in with free software.
In the report I mentioned (in New Scientist) the thefts were apparently accomplished by malware embedded in a free anti-spam filter (not very free, as it turned out).

If were talking malicious code, then yes avast may be able to help in that regard but nothing is perfect as ross mentions.

Before using ant so called anti-application, be it anti-virus/spyware/spam, etc. then you should first do some research and see what the internet brings up on that, there are many rogue programs out there one good resource is http://www.spywarewarrior.com/rogue_anti-spyware.htm.

The other extensions I mentioned before (DrWeb Link checker, there are others and SiteAdvisor) are also ones that you should try before clicking on a link in a web page.

system · 2007-09-04T14:58:31.000Z

Yes there are so many others security banking such as phone banking that are been use widely…
Its more secure…thus use it…

MikeBCda · 2007-09-04T17:52:18.000Z

One other good source of info about the broader field of malware and security/privacy problems is over at the Wilders Security Forums. You’ll find everything from specific product-support to discussions of what makes for good (or bad) surfing habits.

system · 2007-09-12T02:13:14.000Z

Thanks to all for helpful contributions. Actually, I don’t use online banking much, but this is mainly because of my mistrust of its security. And of course there are many reasons why most of us make payments online, whether we actively use inet banking or not, so we become exposed to potential for theft anyway.
I was thinking it might be reasonable to buy a cheap computer that only goes online for financial transactions, isn’t used for anything else, & isn’t networked, particularly as several family members use our existing computers.

system · 2007-09-12T09:11:42.000Z

IMO a good password manager program such as roboform is good to have to protect against keyloggers.(no logins/password to steal if it isn,t typed on the keyboard).

Announcements