Online banking sessions are becoming lucrative targets for hackers and thieves. Dark Reading highlights a recent M86 Security report on attacks at a large UK bank. These sophisticated thieves use malware to hijack the browser on the banking customer's PC.
Once the victims logged onto their online banking accounts, the attackers captured account numbers and user credentials. They employed a man-in-the-browser attack that intercepted the victim's money transactions.
One way to prevent such attacks is by ensuring that all online banking is done from a trusted machine. New advances in technology allow trusted virtual machines to boot from a Secure USB stick. The online banking session can be conducted with a hardened browser and multi-factor authentication can be implemented to prevent unauthorized users.
With over $1 million stolen from this one banking institution alone, you can bet that similar attacks are targeting banking customers around the world.