There is a new Zeus Trojan horse program that is designed to steal money from your online bank account. This version of Zeus is called Gameover. There is nothing new about Zeus or the Gameover version of Zeus. In fact the FBI estimates that 4 million computers are infected with Zeus. Think of that as 4 million bank accounts that can be robbed.
As software companies like Microsoft and antivirus companies fight this scourge the thieves adopt new methods of finding victims. The hundreds of millions of dollars involved insure that the thieves and the good guys have access to some of the smartest people available. Every time an antivirus company identifies a version of Zeus the thieves change the program so new versions can no longer be detected. The game moves back and forth between the two warring sides, hence the name Game Over.
What you need to know is that the Game Over Trojan attempts to find victims by email. If you receive an email that states it is from the NACHA, FDIC, Federal Reserve bank,those institutions don't send out unsolicited emails. In general you should never trust any unsolicited email and you should never click on any attachment or website in one.
Generally these fake emails attempt to scare you into clicking on them. The message will be something like there is a problem with your bank account or an ACH payment. I receive a lot of these messages and really enjoy the fact that they are from banks that I don’t have accounts at, banks I never heard of or a government agency that doesn’t send out messages of this type. Now that you are clued in you can laugh at them too and not get caught.
Here is what you need to do if you do get infected. First call the bank and change the password to your online account. Do not change it online unless the bank is closed then use a different uninfected computer. Verify that your account was not robbed; again do this on the phone or in person. Ask the bank for help. If this is a personal account they may replace your stolen money. If this is a business account you may be out of luck. If you were robbed you need to make it a matter of record. File a local police report. You should also file a complaint with the Internet Crime Complaint Center, which is jointly operated by the FBI and the NW3C. Their website address is http://www.ic3.gov. You will need to give them as much information as possible including a copy of the email if you still have it.
You can help avoid these problems by making sure your antivirus program and operating system is up to date and the auto-update feature is on. Then don’t click on anything that doesn’t look right, like messages from a bank you don’t deal with.
Peter Radatti is the CEO of the CyberSoft Operating Corporation and has been dealing with computer security for governments for over 24 years. Contact him at www.cybersoft.com.