'banking software'

Discussion in 'other anti-virus software' started by Fly, Mar 28, 2008.

Thread Status:
Not open for further replies.
  1. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,069
    In the eyes of the ignorant public every piece of malware (except perhaps cookies, and some relatively innocent adware) is a 'virus'.

    I practice online banking.

    Banks tend to say: you need an up to date antivirus to prevent unauthorized access to your bank account. (My words).

    But really, is that malware (except keyloggers and rootkits, which are spyware) a 'virus', in other words, do you really need antivirus software for this purpose ?

    Or will good antispyware (with real-time protection) do the trick ? Protect you against malware specifically designed to clean out your bank account ?

    (I have two antispyware programs with real-time protection).

    And a question that was stated somewhere here but never answered: do you really need an antivirus to catch trojans (again, two good antispyware programs here) ?
     
  2. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    There can be significant overlap between antivirus and antispyware applications in terms of what they are designed to detect. You would need to specify which AS with real-time protection you're running to get an answer. And by the way, why run two AS instead of one + AV?
     
  3. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,740
    Location:
    Texas
    Most antivirus programs these days cover far more than viruses. They have morphed into anti-malware programs that for the most part that cover many more threats than just viruses.
     
  4. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    As solcroft said in another thread, you could call today's AVs anti-trojans. Viruses (script viruses, macro viruses, file infectors, boot viruses) account for a very small part of the malware picture nowadays.
    For example, the latest sig. update of NOD32:
    Do you see? Trojan droppers, trojan downloaders, adware, spyware, PSW (password-stealer) trojans, rootkits, RATs, exploits, etc.
     
  5. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    i tend to use the words "antivirus software" loosely.
    most decent antivirus software these days are better at detecting trojans than anti trojan and antispyware programs.
    http://www.kaspersky.com/viruswatch3
    as you can see the most common threats atm are trojans.
    there is also a dialer in the lastest update.
    yes i do have an antispyware program for on demand but ive never needed it.
     
  6. Tarq57

    Tarq57 Registered Member

    Joined:
    Oct 7, 2006
    Posts:
    966
    Location:
    Wellington NZ
    Just for clarification: are you asking if antispyware application/s without also using an AV should be adequate?
    Or more "Why don't the banks specify AS as well as AV?
    If the latter, I think you've probably answered your own question. The average user knows about AV's ( a bit, it usually comes pre-installed in the form of a large yellow package) and a lot of them have heard of Spybot and AdAware, anything much beyond that is not mainstream enough, yet. So for the bank to say "You should have an AV (And some say "We won't cover your losses if you don't") is really the minimum requirement. I believe it's probably adequate for most, too. A lot of AV's (most?) are able to detect other malware. Some might not be too hot at removing it, though.
    I practice online banking, too, and have quite a bit more in the arsenal than an AV. As I'm sure do most members here. But the banks have to cater for the "average" user. In order to do that, compromise is necessary.
     
  7. ccsito

    ccsito Registered Member

    Joined:
    Jul 27, 2006
    Posts:
    1,579
    Location:
    Nation's Capital
    I think many of the current references in many websites regarding security software tends to focus on the terms that became "household names" when PCs started to proliferate. The early dawn of PC security software introduced the terms "antivirus" and "firewall". Back over 10 years ago, no one was familiar (maybe even now as well) with terms such as "spyware", "malware", "trojan", "bot", "rootkit", or even "spam". Current AV developers tend to incorporate as much of a wide coverage of different types of protection against "evil doers" as they possibly can. Many new users don't want to have to install multiple programs to get comprehensive protection. That is why the suite application is becoming more popular now. Things have mushroomed to many different aspects in regards to PC protection and the possible threats that are prevalent today. Banks (as well as many other vendors) will tend to try to simplify the message with regards to PC protection. If they asked to you to load multiple programs, most customers will probably reply with "Huh? All of that stuff? Forget online banking". Some banks and other companies are not too familiar with the new threats to computers, so they won't attempt to confuse customers with technical jargon and information.
     
  8. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,442
    Location:
    Sky over the Wilders Forest
    I have said this many times about many organizations but will say it here again...
    It is in the best interest of these types of entity, (corporations) to offer AV for free or suggest pc protection even if not free. It protects them too. Even if it is as simple as keeping a customer happy. Many who do not understand these things the way we do here, will blame the entity for their infected computer. "I couldn't get to your site Bank XYZ why is your site always down"....:blink: Bank XYZ says, "we have no problems we are up and running. The site is fine". Customer gets :mad: :mad: and insists no you are down...:doubt: what is wrong can't someone help me...

    You see what I mean? :) :thumb:

    I believe in running an AV on all internet connected machines. I am not that good that I can detect every threat without it. Very, Very few are.
     
  9. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,069
     
  10. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,069
    I have Counterspy 2.5.1042 and the Spy Sweeper 5.7.x, both running with real-time protection (configured with above average security settings).

    I've already paid for my subscription to the Spy Sweeper, which lasts well into 2009. (It really has some nice features)

    And Counterspy is just too good to NOT have it on my computer.

    I still have that McAfee stuff (includes antivirus), I haven't gottten around to removing it. I'm not going to renew it. I think it costs about 50 euros, which is about 79 USD. But my reason for not renewing McAfee is that it's not that good, and it tends to cause problems.

    Specific question: I understand that some malware exists which is specificaly designed to clean out bank accounts of a specific bank. Antispyware protection or antivirus protection ?
     
  11. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    since your being specific i will answer this since i have had experience with spysweeper realtime protection. the only thing that spysweeper ever blocked was tracking cookies which is a complete waste of resourses.
    in the past i used to use spysweeper in realtime along with an AV.
    a few times when a trojan was downloaded from visiting a website it was always the av that blocked the trojan and not spysweeper.
    i would surgest keeping on in realtime and replacing one with a decent av.
    a decent av is lighter on resourses than spysweeper and provides better detection.
    i have used two different antivirus products in the last 4 or so years and they have saved me quite a few times.
     
  12. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    Yes, you should run a good antivirus. They have become a "catch all" provided they have the definitions for the malware. That being said I also run Defensewall and make use of the "Banking and Shopping" feature in it. It makes sure that the only untrusted process that is running is your browser. I also do a run with C Cleaner before and after any banking activities.
     
  13. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    However, NONE of the antivirus programs or antispyware programs or HIPS or firewalls will protect against cross-scripting (XSS). XSS can grab your online banking passwords quicker than a cat can blink his eye, no matter WHAT AV/AT/AS you are running. :argh:
     
  14. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    976
    Location:
    Paris
    And the really bad thing is that one can pick this stuff up from trusted sites.

    I think it was Finjan that aided in busting a site that was selling FTP credentials to various websites (~8700 including a good many Fortune 500 companies). The scripts were being added to the main page links and the hackers just sat back and waited for the harvest.

    And I still see people acting smug because they "practice safe browsing".
     
  15. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    There was arecent eye-popping post here from Giorgio
    http://hackademix.net/2008/01/12/malware-20-is-now/
    :eek:

    FWIW; If I recall, TallEmu/Mike Nash's ( OnLineArmor) first incarnation was as a developer of "safe banking" tools
    You could always ask him: bet he has a tool for sale ;)

    I'm constantly p-o'd by the number of banks ( mine anyway: NAB :mad: if they're looking :rolleyes: )That run web pages with inappropriate coding: ie; will not work with FF.

    I'm not sure but I think I'd rather be banking with FF and NoScript in a sandbox than IE.

    Realistically, there is little option now but to have an effective on-line banking set-up.
    Just have to find the right one.
     
  16. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    When it comes to my online financial dealings i use a laptop which i have setup for this purpose only. I don't use any virus/spyware scanners, instead i run faronics anti-executable and deepfreeze on it to help ensure its kept clean.
     
  17. kinwolf

    kinwolf Registered Member

    Joined:
    Oct 19, 2006
    Posts:
    271
    I would go with a good AV but if you prefer only AS, then make sure it as a good anti-rootkit.

    As you can see on this page, , under the topic "Advanced rootkit emerges", rootkit malware are starting to target specific banks. http://www.f-secure.com/f-secure/pressroom/news/fsnews_20080331_1_eng.html

    Excerpt from the page
    Dunno if Counterspy or Spysweeper would detect those kind of threat.
     
  18. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Similar setup as Farmerlee and even when I'm infected with keyloggers, they are useless, because my bank changes my password constantly and I have to calculate my password during each login with a special hardware device, that looks like a pocket calculator. The online thief also needs my bankcard, its number and its pin code to calculate my password.
    Keyloggers can only send an out-of-date total useless password to the online thief. I smile and he cries and that's how it is supposed to be. :)
     
Loading...
Thread Status:
Not open for further replies.