from: http://www.aci.net/kalliste/ Click Here: <A HREF="http://www.aci.net/kalliste/">The Home Page of J. Orlin Grabbe</A> ----- Fifth Column Robbing Internet Banks "Trojans" open online accounts. An investigation into online banks has revealed how vulnerable they are to malicious hackers looking to steal the identity of customers. Working with former hacker Gary Chapman, the BBC's Newsnight revealed the methods that computer criminals could use to commit an internet bank robbery. Mr Chapman planted a snooping program on the computer of presenter Sue Nelson and used the information it gathered to assume her online identity. The banks say they are already beefing up security to limit the risk to consumers and make it harder for hackers to steal passwords and identities. Newsnight presenter Sue Nelson set up online accounts at four banks—Barclays, NatWest, Egg and Lloyds—to test their security. She found that it was possible for a determined hacker to steal her password and login details for three of the four accounts. Password no protection Former hacker Gary Chapman helped her show up the weaknesses in online security by sending Ms Nelson an email message which contained a "trojan" or hidden program. Like the legendary wooden horse of Troy that concealed a dangerous payload, the seemingly innocuous e-mail message contained a hidden malicious program. Almost any type of computer program can be used as a trojan and many computer viruses spread themselves in this way. But for Newsnight Mr Chapman concealed a program that logs every key- press made on a computer's keyboard and sends it to the malicious hacker. When the legitimate bank account holder goes online and types in their password the trojan sends the information to the hacker who can later pose as the customer and steal all the money. Key logging programs are available on the internet. "Anyone with a GCSE in computer science could use these tools to hack into a bank account," said Mr Chapman. Called to account Already malicious hackers are trying to use these techniques to collect passwords and pillage accounts. Earlier this month security experts warned of a variant of the Love Bug virus which targeted those who have online accounts with Swiss Bank. Thankfully the badly engineered program, known as VBS/LoveLetter.bd, seems to have failed to harvest any login details and no accounts are believed to have been rifled. The hardest part for hackers is getting users to open the e-mail message containing the trojan. Outbreaks of computer viruses have made people wary of opening messages they are not expecting and has led many to turn off the systems that let trojans install themselves. Peter Sommer, a expert on computer evidence and security at the LSE, said: "If customers want to protect themselves they have to learn rather more about computer security and that tends to become rather complicated." In the wake of the revelations banks are keen to reassure customers that their finances are in safe hands A spokeswoman for Barclays said it was introducing new security measures later this year which would make it harder for a trojan-type attack to succeed. "We have been a bank for a long time," she said, "There have always been fraudsters and we are always working to be one step ahead of them." BBC News, August 24, 2000 ----- Aloha, He'Ping, Om, Shalom, Salaam. Em Hotep, Peace Be, All My Relations. Omnia Bona Bonis, Adieu, Adios, Aloha. Amen. Roads End <A HREF="http://www.ctrl.org/">www.ctrl.org</A> DECLARATION & DISCLAIMER ========== CTRL is a discussion & informational exchange list. Proselytizing propagandic screeds are unwelcomed. Substance—not soap-boxing—please! These are sordid matters and 'conspiracy theory'—with its many half-truths, mis- directions and outright frauds—is used politically by different groups with major and minor effects spread throughout the spectrum of time and thought. That being said, CTRLgives no endorsement to the validity of posts, and always suggests to readers; be wary of what you read. CTRL gives no credence to Holocaust denial and nazi's need not apply. Let us please be civil and as always, Caveat Lector. ======================================================================== Archives Available at: http://peach.ease.lsoft.com/archives/ctrl.html <A HREF="http://peach.ease.lsoft.com/archives/ctrl.html">Archives of [EMAIL PROTECTED]</A> http:[EMAIL PROTECTED]/ <A HREF="http:[EMAIL PROTECTED]/">ctrl</A> ======================================================================== To subscribe to Conspiracy Theory Research List[CTRL] send email: SUBSCRIBE CTRL [to:] [EMAIL PROTECTED] To UNsubscribe to Conspiracy Theory Research List[CTRL] send email: SIGNOFF CTRL [to:] [EMAIL PROTECTED] Om
