The Demon Spawn Malware Targeting Your Bank Account

The internet is a strange and dangerous place, especially when it comes to your personal information. With all the hackers and scammers out there, protecting your information in cyberspace is much more of a challenge these days than simply demonstrating common sense. And you can’t just rely on your bank’s internet security measures anymore.

Cyber-thieves have now found another way to target your information with a super hybrid malware combination. Recently IBM X-Force Research discovered the Trojan hybrid of the Gozi and Nymaim ISFB malware. Dubbed the GozNym, this malware combination has targeted 22 banks, credit unions and popular e-commerce platforms in the U.S, plus two financial institutions based in Canada, according to a blog post by IBM X-Force.

Unlike other recent attacks aimed directly at banks, GozNym uses email to target account holders, IBM Security’s Etay Maor, executive security adviser, told The Wall Street Journal. GozNym is installed when the account holder clicks on an email link or attachment. It then remains dormant until the victim logs into their bank account

Although you aren’t able to prevent identity theft or fraud entirely, security expert and Credit.com Co-Founder Adam Levin recommends a strategy called the 3 Ms to make yourself a moving target for thieves.

Minimize your exposure. Don’t authenticate yourself to anyone unless you are in control of the interaction. Don’t over-share on social media. Be a good steward of your passwords, safeguard any documents that can be used to hijack your identity and consider freezing your credit.

Monitor your accounts. Check your credit report regularly (you can get free annual credit reports), keep track of your credit score and review major accounts daily. (You can view two of your credit scores for free every month on Credit.com.) You can also sign up for free transaction alerts from financial services institutions and credit card companies, or purchase a sophisticated credit and identity monitoring program.

Manage the damage. Make sure you get on top of any incursion into your identity quickly and/or enroll in a program where professionals help you navigate and resolve identity compromises — oftentimes available for free, or at minimal cost, through insurance companies, financial services institutions and HR departments.

In the event your a victim of bank fraud, identity theft or another type of cyber crime, informing your financial institutions and others can help alleviate the situation as quickly as possible. There are also some free credit monitoring tools to make sure your credit has not been compromised either.