LATEST ONLINE THREAT

SECURITY ALERT – DYRE MALWARE TARGETING ONLINE BANKING CUSTOMERS

DYRE typically infects a user’s computer through a phishing email that contains malicious software attachments. When a user opens an infected email and attachment, the malware would be installed on their computer. DYRE has the capability to steal online banking credentials and to inject new screens into the online banking session to trick users into providing personal information such as usernames, passwords, approval codes and one time passwords. Please be on the alert for any irregularities during their online banking session. Suspicious activity would include: any altered login flow, popup pages requesting personal or credit card data requests for token or mobile phone one time passwords or token codes when you have not initiated any transactions

GUARD AGAINST SECURITY THREATS

We're committed to help you understand the latest online threats better, so that you can protect yourself and stay ahead of scammers. Stay up to date with the latest security alerts

How do I know if my computer is infected with malware? Verify the Integrity of the Website

  • Before performing online banking transactions, make sure that the Bank website you access is genuine.
  • Always login into Daystar Online Offering website through the hyperlinks in Daystar's website when you want to perform offering transactions.
  • Do not login Daystar Online offering through hyperlinks embedded in emails or third party websites.
  • f you are using Internet Explorer: Double click the "padlock" icon at the bottom right corner of the screen to check the security certificate of Daystar Online Offering web portal.

KNOW YOUR THREATS

What is a malware, spyware, adware or Trojan?

The terms malware and spyware refer to any piece of software installed on your computer without your permission.

  • Malware refers to software that causes damage to your computer
  • Spyware gathers information from your computer without your knowledge
  • Adware installs software that displays advertisements on your computer
  • Trojans specifically refer to software that, once installed, secretly installs another piece of software.

WHAT DO THEY DO?

Once installed, a piece of software may activate viruses that:

  • Interrupt and disable basic system operations.
  • Capture and transmit keystrokes that may reveal passwords and other information.
  • Capture and send emails and other personal information.
  • Hijack your network connection, and then use it to send more malware

HOW DOES IT WORK?

Most of the time, members install malware or adware by accident when they click on a link they find in an email message or web page. Malware or spyware may also be unknowingly installed with software from an unreliable source. Such malware or spyware may even be installed together with dubious anti-virus software.

What can you do to protect yourself from malware/spyware?

Real protection from malware and spyware require both technology and knowledge on what to look out for when you use the Internet..

  • Install and run reliable anti-spyware/anti-virus software. Be aware of the installation process and do not click on links that direct you to download other software.
  • Make sure you are accessing links only from trusted sources..
  • Monitor the performance of your machine carefully. If it starts to run slowly, or web traffic begins to behave erratically, run a scan immediately..

Man-In-The-Browser Attack

  • Please be highly aware of a recent online threat known as a Man-In-The-Browser (MITB) attack, where an attacker takes control over a customer's connection and transmits counterfeit screens to the customer in attempt to capture and manipulate customer data..
  • A frequent MITB attack scenario involves the attacker taking control over a customer's login session. The attacker transmits screens similar to the online banking screens requesting the customer to wait while their details are being verified. During this, the attacker would initiate a request for adding payee or updating personal information while the customer's account is being compromised. An SMS containing a One-Time Password (OTP) is sent to the customer's mobile phone as part of the process. More counterfeit screens are transmitted to the customer to prompt the customer to key in the OTP in order for the attacker to proceed with payee addition and/or personal information update.
  • Please do not proceed if you notice an unusual screen or message during your online banking login session.

Most viruses are spread through emails or shared files. When a customer clicks on a link, thinking that they’re opening a photograph or website, the virus gets activated and goes to work right away, causing trouble.

What are viruses?

Viruses are small software applications designed to cause damage to the information on your computer. They may also try to gather sensitive information which can allow others to gain access to your accounts. Like viruses passed between humans, computer viruses usually spread from customer to customer.

What do they do?

Some viruses are malicious, designed to corrupt files and cause problems. Some may attempt to access your email or contacts and try to replicate your email identity, while others may look for sensitive information stored on your computer.

How does it work?

Most viruses are spread through emails or shared files. When a customer clicks on a link, thinking that they’re opening a photograph or website, the virus gets activated and goes to work right away, causing trouble.