http://news.bbc.co.uk/hi/english/sci/tech/newsid_894000/894253.stm [Comment: Article bases on trojans as "weapons" of penetrating into bankaccounts. They are so easy to use, and with some social engineering they can be easily send to innocent persons. The funny quote is "Anyone with a GCSE in computer science could use these tools to hack into a bank account". Altought i don't know for sure what is GCSE (we use different ranking system in country where I live), it is absurd to connect that kind of knowledge (again if I'm not mistaken) with easy usage of trojan horses. And another thing is that Mr. Gary Chapman who said this GCSE/trojan thing is entitled as a "former hacker"]. 'Trojans' open online accounts Is it safer to bank online or offline? By BBC News Online internet reporter Mark Ward An investigation into online banks has revealed how vulnerable they are to malicious hackers looking to steal the identity of customers. Working with former hacker Gary Chapman, the BBC's Newsnight revealed the methods that computer criminals could use to commit an internet bank robbery. Mr Chapman planted a snooping program on the computer of presenter Sue Nelson and used the information it gathered to assume her online identity. The banks say they are already beefing up security to limit the risk to consumers and make it harder for hackers to steal passwords and identities. Newsnight presenter Sue Nelson set up online accounts at four banks- Barclays, NatWest, Egg and Lloyds - to test their security. She found that it was possible for a determined hacker to steal her password and login details for three of the four accounts. Password no protection Former hacker Gary Chapman helped her show up the weaknesses in online security by sending Ms Nelson an email message which contained a "trojan" or hidden program. Like the legendary wooden horse of Troy that concealed a dangerous payload, the seemingly innocuous e-mail message contained a hidden malicious program. Almost any type of computer program can be used as a trojan and many computer viruses spread themselves in this way. But for Newsnight Mr Chapman concealed a program that logs every key- press made on a computer's keyboard and sends it to the malicious hacker. When the legitimate bank account holder goes online and types in their password the trojan sends the information to the hacker who can later pose as the customer and steal all the money. Key logging programs are available on the internet. "Anyone with a GCSE in computer science could use these tools to hack into a bank account," said Mr Chapman. Called to account Already malicious hackers are trying to use these techniques to collect passwords and pillage accounts. Earlier this month security experts warned of a variant of the Love Bug virus which targeted those who have online accounts with Swiss Bank. Thankfully the badly engineered program, known as VBS/LoveLetter.bd, seems to have failed to harvest any login details and no accounts are believed to have been rifled. The hardest part for hackers is getting users to open the e-mail message containing the trojan. Outbreaks of computer viruses have made people wary of opening messages they are not expecting and has led many to turn off the systems that let trojans install themselves. Peter Sommer, a expert on computer evidence and security at the LSE, said: "If customers want to protect themselves they have to learn rather more about computer security and that tends to become rather complicated." In the wake of the revelations banks are keen to reassure customers that their finances are in safe hands A spokeswoman for Barclays said it was introducing new security measures later this year which would make it harder for a trojan-type attack to succeed. "We have been a bank for a long time," she said, "There have always been fraudsters and we are always working to be one step ahead of them."