Dridex malware is being used by hackers to harvest online banking details
Infects a computer when user opens seemingly legitimate email document
The National Crime Agency estimates British losses will run to £20million
Claim at least one ‘significant arrest’ has been made as part of their probe
Britain’s top crime agency has warned internet banking users to protect themselves against cyber attacks after hackers used a ‘particularly virulent’ virus to steal £20million from UK accounts.
Thousands of computers across Britain are thought to have been infected by the virus, which harvests online banking details so that fraudsters can gain access to accounts.
The National Crime Agency (NCA) said Dridex malware had been developed by technically skilled cyber criminals, with UK losses estimated to run into the tens of millions.
British experts are now working alongside the FBI in an attempt to catch those responsible.
Online security threat: Thousands of computers across Britain are thought to have been infected by a virus which harvests online banking details so that hackers can gain access to a user’s bank account (file photo)
The NCA said at least one ‘significant arrest’ had already been made.
Mike Hulett from the NCA said: ‘This is a particularly virulent form of malware and we have been working with our international law enforcement partners, as well as key partners from industry, to mitigate the damage it causes.
‘Our investigation is ongoing and we expect further arrests to be made.’
Computers become infected when users receive and open documents in seemingly legitimate emails, the NCA said. A number of global financial institutions and a variety of different payment systems have been targeted.
Those with internet bank accounts have been encouraged to visit the CyberStreetWise and GetSafeOnline websites where a number of anti-virus tools are available to download to help clean up infected machines.
Motive: The National Crime Agency (NCA) said the virus is being used by hackers to harvest online banking details and gain access to accounts across Britain. So far £20million has been stolen from UK bank accounts
The websites also have advice and guidance on how users can protect themselves in the future.
The NCA is working to stop the affected computers from communicating with the cyber criminals controlling them.
This activity is in conjunction with a US operation, currently being undertaken by the FBI.
WHAT TO DO IF YOU THINK YOUR COMPUTER HAS BEEN TARGETED
Members of the public have been urged to remain vigilant and not open documents in emails, or click on links, if they are unexpected or if they are unclear about its origin.
If any internet users think they have lost money through malware such as Dridex, they should report their concerns to Action Fraud and alert their respective banks, the National Crime Agency said.
Its executive assistant director, Robert Anderson said: ‘Those who commit cyber crime are very often highly-skilled and can be operating from different countries and continents.
‘They can and will deploy new malware and we, along with our partners, are alive to this threat and are constantly devising new approaches to tackle cyber crime.
‘We urge all internet users to take action and update your operating system. Ensure you have up-to-date security software and think twice before clicking on links or attachments in unsolicited emails.’
He added : ‘Cyber criminals often reach across international borders, but this operation demonstrates our determination to shut them down no matter where they are.’
Last month it was revealed that police in the UK are only investigating one in 100 cyber crime fraud cases.
The number of online fraud cases has rocketed in recent years – leaving officers reliant on a computer programme to decide if cases ‘are worth’ following up, it was reported.
In the past year there have been 3.2million frauds, but these have resulted in fewer than 9,000 convictions, an investigation found.
Instead of reporting the crimes directly to police, since 2013 victims of online fraud have been told to contact Action Fraud – which is run by the Home Office in association with City of London police – either online or over the telephone.
Victims are given a police crime reference number and their cases are passed to the National Fraud Intelligence Bureau.
Action Fraud’s website warns those reporting a crime that they will only be contacted again by police and other law enforcement agencies ‘in some cases’, and that ‘the police cannot investigate every report individually’.
According to the Times, more than 230,000 criminal reports were submitted last year, but only around a quarter of these were handed to police. The rest were dismissed by the computer algorithm.
Experts have warned the situation has given fraudsters ‘virtual impunity’.
It has been estimated that around 70 per cent of all frauds are carried out online, with many criminals based overseas – making it difficult for police in the UK to pursue a case.