UK Bank Cyber Attack

Online attackers steal £20m from UK bank accounts.

15:23 18 October 2015

Online attackers have used a malware called Dridex to steal millions of pounds from unsuspecting victims. The National Crime Agency is working with the FBI and other authorities to track down the criminals, who according to an expert, are particularly cunning to avoid being detected.

 

Prof Alan Woodward, a cybersecurity expert who advises Europol, said: "This is very sneaky software that relied on people not being vigilant with their online banking," 

 

"If you imagine thieves making lots of little transactions, rather than one big one, it is more likely to go unnoticed."

 

The Dridex Trojan was sent to the victims and disguised as an invoice. It infected computers through a malicious Microsoft Office document and relied on tricking people into installing it on their computers. It then gathers bank account details that were sent to the attackers.

"Banks have software running constantly in the background looking for suspicious transactions, but criminals are adopting patterns that are not flagged up," said Prof Woodward.

"With thousands of computers infected, they only need to take a small amount from each bank account and suddenly they've got millions."

 

Prof Woodward said that using anti-virus software would help deter the thieves from taking your money.

 

"All the usual advice applies. Don't open unexpected email attachments, even if they appear to be from the bank.

 

"And check your bank statement for suspicious transactions. Query anything you don't understand, even if it's a small amount, as criminals may be taking a small amount from millions of other people."