[an error occurred while processing this directive]
BBC News
watch One-Minute World News
Last Updated: Friday, 19 January 2007, 17:10 GMT
Bank loses $1.1m to online fraud
Nordea branch sign
Nordea says it has refunded the affected account holders
Internet fraudsters have stolen around 8m kronor ($1.1m; 576,000) from account holders at Swedish bank Nordea.

The theft, described by Swedish media as the world's biggest online fraud, took place over three months.

The criminals siphoned money from customers' accounts after obtaining login details using a malicious program that claimed to be anti-spam software.

Nordea said it had now refunded the lost money to all 250 customers affected by the scam.

"What is important is that none of our customers will have lost their money," said a bank spokesman.

"We are doing all we can to stop this."

Largest Nordic bank

The attack used a program called a trojan, known as haxdoor.ki, to obtain customers details. Trojans are programs that look benign but contain malicious software.

Victims were duped into downloading the program after receiving an email, purporting to come from the bank, encouraging them to download anti-spam software.

Once installed the trojan monitored the PCs' online activities.

"It listens for key web addresses, in this case the Nordea bank address," said Greg Day, security analyst at McAfee.

When a user navigated to the Nordea bank login page, the trojan would kick into action, saving the customers login details. It then displayed an error message asking them to resend the information.

With two access codes the criminals could transfer money from the customer's accounts.

Trade newspaper Computer Sweden said the police had traced the fraudulent emails first to computer servers in the US and then to Russia.

Nordea added that customers who had been affected often did not have any anti-virus protection on their computers.

The bank, which has 2.2 million customers, is the largest across the four Nordic nations of Norway, Denmark, Sweden and Finland.

In August 2005, it was forced to temporarily shut down its online arm due to a sophisticated phishing attack.




SEE ALSO
Online scams target the wealthy
10 Nov 06 |  Technology
Research reveals phishing hooks
05 Apr 06 |  Technology
European phishing gangs targeted
20 Mar 06 |  Technology
Criminals target viruses for cash
28 Dec 05 |  Technology

RELATED INTERNET LINKS
The BBC is not responsible for the content of external internet sites



FEATURES, VIEWS, ANALYSIS
Has China's housing bubble burst?
How the world's oldest clove tree defied an empire
Why Royal Ballet principal Sergei Polunin quit

PRODUCTS & SERVICES

Americas Africa Europe Middle East South Asia Asia Pacific