Security Alerts

Spyware and Malicious Software Programs Targeting Online Banking Sites

Commerce Bank has detected a recent increase in malicious Spyware and Trojan programs targeting many banks’ Online Banking sites. We want you to know what these programs are, how they might affect you, and what to do to lessen your exposure to these programs.

What is a Trojan and what does it do?

A Trojan is a malicious program that can:

• Unknowingly attach itself to your computer and its applications, including your web browser.
• Run without your knowledge with the intent to gain your personal information.

We are seeing an increase in Trojans which appear in the form of a pop-up screen once a user has logged in to an online banking site. The pop-up asks customers to disclose sensitive information such as account usernames and passwords, PIN numbers, credit card numbers, ATM codes, mother’s maiden name, etc.

How does a Trojan infect a computer?

Trojans infect computers through many ways, including general web browsing, selecting attachments in emails, and selecting links within an email, Instant Messages, or SMS text messages. While some of these Trojans are detected with current AntiVirus software programs, some are known as Day Zero Trojans, and there may be no anti-virus file yet available to detect the Trojan.

How do I lessen potential exposure to various types of Trojans?

While this list is not comprehensive and is not a 100% guarantee, the following list offers some best practices and recommendations that may lessen your potential exposure.

• Install and run Antivirus software that is configured for daily updates.
• Install a personal firewall and ensure it is ON when web browsing.
• Install and run anti-spyware software.
• Ensure desktop operating system and browser updates are applied on a frequent basis.
• Consider using a dedicated PC for all your financial transactions. Links and applications within social networking sites such as YouTube and Facebook (and others) are a haven for Trojans. If possible, do not access your bank accounts from a computer that you use to access Social Networking sites.
• Turn on automated scanning of email attachments within your email software program.
• Never access bank accounts from cafés or public wi-fi hotspots.
• Ensure you are using browsers that tell you what site you are at by providing domain highlighting and site verification.
• Do not open attachments or selects links within unsolicited emails.

As a reminder, in the normal course of business, Commerce Bank would not ask our customers via email or any other means to enter (or record) account information online for any reason. Our best advice is to never provide account information online and do not share your username or password under any circumstance.

Commerce Bank takes the security of your account very seriously. If you believe you have been a victim to this type of Trojan and have input confidential data into an impersonating site or pop-up screen, please call us immediately for assistance.

For questions about customer security online call us at 800-986-2265. Our hours are 7:30 a.m. – 10 p.m. Monday through Friday and 7:30 a.m. – 4 p.m. on Saturday Central Time.

• How to Protect Yourself
• How to Protect Your Small Business