The BBC news online reports that there has been a big jump in online banking fraud in 2008 due to fraudsters using malicious software programs called “keylogging” programs that track what keystrokes you type on a computer. This is occuring not in internet cafes or on public computers, but on online banking customers’ home computers.
How does this malicious software get on one’s computer? A spokeswoman for Apacs, the UK’s online payments association, explains that it happens when people click on unsolicited emails and open the attachments. These attachments may disguise themselves as harmless photos, songs, or news stories, while the malicious keylogger program secretly installs itself. The program then tracks the victim’s keystrokes in order to gather credit card numbers and online banking passwords, which are then secretly mailed back to the criminals behind the fraud.
“The industry continues to remind customers to ensure that they have their computer’s firewall switched on and anti-virus software up to date,” said the Apacs spokeswoman.
Total fraud losses on UK debit and credit cards rose by 14% to £609m. Most victims of card fraud in the UK are not liable, so their money is refunded. Anyone in the UK who is a victim of fraud is not liable, under terms outlined in the Banking Code. As long as they have not acted fraudulently or without “reasonable care”, they will be reimbursed if somebody uses their card, steals it, or clones it. The code says that if somebody uses a card before it is reported lost or stolen, or somebody knows a Pin, then the victim could have to pay the first £50 that is lost.
To quote the sergeant from the old American cop show Hill Street Blues: “Let’s be careful out there.”