BBC Home
Explore the BBC
Low graphics|Accessibility help
BBC News
Launch consoleBBC NEWS CHANNEL
News Front Page
World
UK
England
Northern Ireland
Scotland
Wales
Business
Politics
Health
Education
Science & Environment
Technology
Entertainment
Also in the news
-----------------
Video and Audio
-----------------
Have Your Say
Magazine
In Pictures
Country Profiles
Special Reports
RELATED BBC SITES
Last Updated: Thursday, 18 November, 2004, 05:42 GMT
E-mail this to a friend Printable version
The spy in your computer
Breakfast guinea pig, Natasha Gorwitch
With freely-available software, we read Natasha's personal details
There's been a sharp rise in the number of so-called "phishing" e-mail scams, according an industry association set up by to tackle the problem.

Hackers use the technique to lure internet users into handing over passwords which can then be used to defraud online banks.

Worse still, some e-mails now contain software which will log your every computer keystroke and send vital details such as your password back to the hackers.

Breakfast's Max Foster has been investigating. He found it surprisingly easy to hack into a friend's computer and read details of bank accounts and passwords.

  • What can you do to prevent scammers "phishing" for your details?

  • We talked to Professor Neil Barrett, who's an expert in internet crime. Revealingly, he told us that he won't use internet bank accounts.

    watch our interview with Prof Neil Barrett

  • Internet expert Mark Murtagh, from the security company Websense, answered some of your e-mails

    watch our interview with Mark Murtagh

    The Anti-Phishing Working Group says there were more than six-and-a-half-thousand new types of phishing email circulating around the internet in October - three times higher than in the summer.

    The group, which gathers information from software companies, says the figure is three times higher than during the summer and the technology being used by the hackers is increasingly sophisticated.

    Initially the emails were simply made to look as if they came from banks asking customers to renew their log-in details.

    Now some emails come loaded with bugs which, when triggered, can monitor where people go on the internet and which passwords they use. The banks are warning people not to open suspicious emails from anyone they don't recognise.

    We managed to hack into the PC of our Breakfast guinea-pig, Natasha Gorwitch, with software which is freely-available on the internet.

    The spyware took "photographs" of her computer screen, revealing her bank account, bank balance and friends' addresses.

    watch Max Foster's investigation

    Websense's top tips to prevent attacks on your account:

  • Never follow a link in an email if you suspect the message might not be genuine. Don't follow links on Instant Messaging services either.
  • If you want to find your Online bank, always type its URL into your browser.
  • Do not open attachments in emails unless you are absolutely sure you're waiting to receive that particular file.
  • Always check suspicious looking emails with the sender. Be very wary of e-mails asking for your personal financial details.
  • Keep your PC operating system up to date and update your anti-virus software frequently
  • Use a personal firewall.
  • You can also get software to detect and remove spyware.
  • Do not use the same password for all of your online accounts.
  • Do not store online account information and passwords in files held on your computer.

    Glossary

  • Malware Malicious software, including virus and worms which is destined to interfere with computer systems. Most malware comes from the internet, without the computer user's knowledge.

  • Spyware software which gathers information about users or their activities. These programmes are often downloaded unwittingly from the internet by computer users. Many are - such as adware or tracking cookies - are harmless.

  • Keyloggers are a form of spyware. They collect information about the user's computer use and time spent on certain sites. Some capture all the user's keystrokes; others can record websites visited, passwords and e-mails. Most are invisible and transmit this data back to the host server.

  • Phishing (pronounced fishing) is a common internet scam in which legitimate-looking e-mails are sent out to users, to get them to divulge information such as bank details, user names and passwords.



    E-mail this to a friend Printable version
    • BBC NEWS:VIDEO AND AUDIO
    'Phishing' expeditions
    Breakfast's Max Foster finds out how easy it is to access online account details

    How to avoid being 'phished'
    We put your questions to internet security expert, Mark Murtagh

    Internet banking security
    We talked to Professor Neil Barrett


    BBC Breakfast

    Home
    About BBC Breakfast
    Contact us
    FAQs
    SEARCH BREAKFAST:
     

    SEE ALSO:
    Q&A: Safe online banking
    05 Nov 04 |  Business
    How to avoid the phishing bug
    23 Jan 04 |  Technology
    New online security fears
    09 Nov 04 |  Breakfast
    Your rights when shopping online
    17 Nov 04 |  Breakfast
    Online banking: Breakfast investigates
    05 Nov 04 |  Breakfast


    RELATED INTERNET LINKS:
    Websense
    Antiphishing Working Group
    Spam cop
    The BBC is not responsible for the content of external internet sites

    PRODUCTS AND SERVICES

    News Front Page | World | UK | England | Northern Ireland | Scotland | Wales | Politics
    Business | Entertainment | Science/Nature | Technology | Health | Education
    Have Your Say | Magazine | In Pictures | Week at a Glance | Country Profiles | In Depth | Programmes
    Americas Africa Europe Middle East South Asia Asia Pacific