'banking software'

In the eyes of the ignorant public every piece of malware (except perhaps cookies, and some relatively innocent adware) is a 'virus'.

I practice online banking.

Banks tend to say: you need an up to date antivirus to prevent unauthorized access to your bank account. (My words).

But really, is that malware (except keyloggers and rootkits, which are spyware) a 'virus', in other words, do you really need antivirus software for this purpose ?

Or will good antispyware (with real-time protection) do the trick ? Protect you against malware specifically designed to clean out your bank account ?

(I have two antispyware programs with real-time protection).

And a question that was stated somewhere here but never answered: do you really need an antivirus to catch trojans (again, two good antispyware programs here) ?

 

There can be significant overlap between antivirus and antispyware applications in terms of what they are designed to detect. You would need to specify which AS with real-time protection you're running to get an answer. And by the way, why run two AS instead of one + AV?

 

As solcroft said in another thread, you could call today's AVs anti-trojans. Viruses (script viruses, macro viruses, file infectors, boot viruses) account for a very small part of the malware picture nowadays.
For example, the latest sig. update of NOD32:

Do you see? Trojan droppers, trojan downloaders, adware, spyware, PSW (password-stealer) trojans, rootkits, RATs, exploits, etc.

 

i tend to use the words "antivirus software" loosely.
most decent antivirus software these days are better at detecting trojans than anti trojan and antispyware programs.
http://www.kaspersky.com/viruswatch3
as you can see the most common threats atm are trojans.
there is also a dialer in the lastest update.
yes i do have an antispyware program for on demand but ive never needed it.

 

Just for clarification: are you asking if antispyware application/s without also using an AV should be adequate?
Or more "Why don't the banks specify AS as well as AV?
If the latter, I think you've probably answered your own question. The average user knows about AV's ( a bit, it usually comes pre-installed in the form of a large yellow package) and a lot of them have heard of Spybot and AdAware, anything much beyond that is not mainstream enough, yet. So for the bank to say "You should have an AV (And some say "We won't cover your losses if you don't") is really the minimum requirement. I believe it's probably adequate for most, too. A lot of AV's (most?) are able to detect other malware. Some might not be too hot at removing it, though.
I practice online banking, too, and have quite a bit more in the arsenal than an AV. As I'm sure do most members here. But the banks have to cater for the "average" user. In order to do that, compromise is necessary.

 

I think many of the current references in many websites regarding security software tends to focus on the terms that became "household names" when PCs started to proliferate. The early dawn of PC security software introduced the terms "antivirus" and "firewall". Back over 10 years ago, no one was familiar (maybe even now as well) with terms such as "spyware", "malware", "trojan", "bot", "rootkit", or even "spam". Current AV developers tend to incorporate as much of a wide coverage of different types of protection against "evil doers" as they possibly can. Many new users don't want to have to install multiple programs to get comprehensive protection. That is why the suite application is becoming more popular now. Things have mushroomed to many different aspects in regards to PC protection and the possible threats that are prevalent today. Banks (as well as many other vendors) will tend to try to simplify the message with regards to PC protection. If they asked to you to load multiple programs, most customers will probably reply with "Huh? All of that stuff? Forget online banking". Some banks and other companies are not too familiar with the new threats to computers, so they won't attempt to confuse customers with technical jargon and information.

 

I have said this many times about many organizations but will say it here again...
It is in the best interest of these types of entity, (corporations) to offer AV for free or suggest pc protection even if not free. It protects them too. Even if it is as simple as keeping a customer happy. Many who do not understand these things the way we do here, will blame the entity for their infected computer. "I couldn't get to your site Bank XYZ why is your site always down".... Bank XYZ says, "we have no problems we are up and running. The site is fine". Customer gets and insists no you are down... what is wrong can't someone help me...

You see what I mean?

I believe in running an AV on all internet connected machines. I am not that good that I can detect every threat without it. Very, Very few are.

 

I have Counterspy 2.5.1042 and the Spy Sweeper 5.7.x, both running with real-time protection (configured with above average security settings).

I've already paid for my subscription to the Spy Sweeper, which lasts well into 2009. (It really has some nice features)

And Counterspy is just too good to NOT have it on my computer.

I still have that McAfee stuff (includes antivirus), I haven't gottten around to removing it. I'm not going to renew it. I think it costs about 50 euros, which is about 79 USD. But my reason for not renewing McAfee is that it's not that good, and it tends to cause problems.

Specific question: I understand that some malware exists which is specificaly designed to clean out bank accounts of a specific bank. Antispyware protection or antivirus protection ?

 

since your being specific i will answer this since i have had experience with spysweeper realtime protection. the only thing that spysweeper ever blocked was tracking cookies which is a complete waste of resourses.
in the past i used to use spysweeper in realtime along with an AV.
a few times when a trojan was downloaded from visiting a website it was always the av that blocked the trojan and not spysweeper.
i would surgest keeping on in realtime and replacing one with a decent av.
a decent av is lighter on resourses than spysweeper and provides better detection.
i have used two different antivirus products in the last 4 or so years and they have saved me quite a few times.

 

Yes, you should run a good antivirus. They have become a "catch all" provided they have the definitions for the malware. That being said I also run Defensewall and make use of the "Banking and Shopping" feature in it. It makes sure that the only untrusted process that is running is your browser. I also do a run with C Cleaner before and after any banking activities.

 

However, NONE of the antivirus programs or antispyware programs or HIPS or firewalls will protect against cross-scripting (XSS). XSS can grab your online banking passwords quicker than a cat can blink his eye, no matter WHAT AV/AT/AS you are running.

 

And the really bad thing is that one can pick this stuff up from trusted sites.

I think it was Finjan that aided in busting a site that was selling FTP credentials to various websites (~8700 including a good many Fortune 500 companies). The scripts were being added to the main page links and the hackers just sat back and waited for the harvest.

And I still see people acting smug because they "practice safe browsing".

 

There was arecent eye-popping post here from Giorgio
http://hackademix.net/2008/01/12/malware-20-is-now/


FWIW; If I recall, TallEmu/Mike Nash's ( OnLineArmor) first incarnation was as a developer of "safe banking" tools
You could always ask him: bet he has a tool for sale

I'm constantly p-o'd by the number of banks ( mine anyway: NAB if they're looking )That run web pages with inappropriate coding: ie; will not work with FF.

I'm not sure but I think I'd rather be banking with FF and NoScript in a sandbox than IE.

Realistically, there is little option now but to have an effective on-line banking set-up.
Just have to find the right one.

 

When it comes to my online financial dealings i use a laptop which i have setup for this purpose only. I don't use any virus/spyware scanners, instead i run faronics anti-executable and deepfreeze on it to help ensure its kept clean.

 

I would go with a good AV but if you prefer only AS, then make sure it as a good anti-rootkit.

As you can see on this page, , under the topic "Advanced rootkit emerges", rootkit malware are starting to target specific banks. http://www.f-secure.com/f-secure/pressroom/news/fsnews_20080331_1_eng.html

Excerpt from the page

Dunno if Counterspy or Spysweeper would detect those kind of threat.

 

Similar setup as Farmerlee and even when I'm infected with keyloggers, they are useless, because my bank changes my password constantly and I have to calculate my password during each login with a special hardware device, that looks like a pocket calculator. The online thief also needs my bankcard, its number and its pin code to calculate my password.
Keyloggers can only send an out-of-date total useless password to the online thief. I smile and he cries and that's how it is supposed to be.