Shylock Banking Trojan
What is it?
Shylock is a banking Trojan first discovered in 2011. It utilizes man-in-the-browser attacks designed to pilfer banking login credentials from the PC’s of clients of a predetermined list of target organizations. Most of these organizations are banks located in different countries.
How do I know I am infected?
The best way to check if your computer was infected with Shylock malware or not is to use anti-malware scanning tools that are widely available on the Internet.
How do I protect against it?
In order to protect against Shylock and other banking malware, the following security rules are recommended:
- Don’t open email attachments or hyperlinks you receive from an unknown sender. They could contain malware.
- Even if you receive a message with a link or attachment from a friend in a social network or messenger, try to verify the legitimacy of the message via alternative communication channels. Unfortunately, hacked social networks and messengers accounts are often used to spread malware.
- When receiving an email or SMS from your bank, keep in mind that banks never ask to provide them with pin codes or passwords from accounts. It is also useful to remember that banks always use corporate mail domains for customer mailings and never use publicly available email services.
- Try to avoid phishing websites: check whether a site uses a secure connection (https in the beginning of address bar);
- Avoid entering your sensitive data while using a public Wi-Fi network
- Use a reliable security solution to prevent against banking malware activities