Featured Savings Rates

Popular Posts

Featured Accounts

Online Banking Fraud - The New Crimeware


A news article reports on the rise of spyware to steal people's bank passwords. Other internet scams like phishing are on the decline as users have become better educated. Unfortunately, the crooks are turning to the more sophisticated spyware techniques in which virus programs infect people's PCs. Here's how the article described the new spyware:

The keylogging programs can install themselves after computer users open faked e-mails, instant messages or even advertisements on mainstream websites. Then they record everything typed on a computer — or just what's typed during user visits to specified financial sites. Such information is sometimes sent to the hackers in neat bundles, with a column for the relevant financial website followed by columns for the user's log-in name and password.

What's scary is that anti-spyware and anti-virus programs may not always prevent theft. An expert interviewed by the reporter described one case in which a "keylogger program installed itself in a way most antivirus software could not block."

Unfortunately, this cybercrime is unlikely to go away even as banks install more sophisticated security measures. The crooks will also get smarter. The article gave one example of new spyware that takes a picture of what's on a computer screen each time a mouse gets clicked. The spyware was used against a British bank's login procedure which required users to log in by clicking graphical numbers rather than typing them in. This login system seems to be similar to the new PIN Guard system that ING Direct just recently added.

Will the Bank Reimburse Me?

If you're a victim of crooks who drain your account using stolen passwords, will the bank reimburse you? It was stated in the article that financial responsibility is unresolved. FDIC says that banks are usually responsible. However, banks have not always agreed to assume this responsibility. One example was given regarding a lawsuit filed against Bank of America by a business owner who had $90K stolen out his online account. Since it was a business account and not a personal account, it wasn't covered by Bank of America's online liability guarantee.

Here's a link to Bank of America's current online banking guarantee. It's similar to HSBC's guarantee. EmigrantDirect's liability guarantee is buried in their terms and conditions page which is linked at the bottom of their home page. The basic responsibility of the user is to notify the bank within 60 days of fraud and to take due diligence with account safeguarding and online security.

The article ended with several tips to protect yourself from online fraud. HSBC also has some detailed info on this, and so does ING Direct.