Malware Protection

Malware: The Way Thieves Gain Access

Malware is malicious software designed to infiltrate and damage computer systems, collect private data, and ultimately to commit fraud. Thieves use malware to gain the ability to monitor your keystrokes (thereby recording everything you do), take control of your computer or initiate other processes that can affect the performance of your computer. Malware is generally distributed through email, pop-up ads, social networking sites and P2P sharing sites.

Most malware is not detectable and it’s often disguised as .zip, .cab, .rar or executable files (*.exe). It’s important that you do not open any files with these extensions unless you know exactly what they contain and trust they are from a known, reputable source. Other file formats to use caution with include screensavers (*.scr), autorun (.ini) or script files (.php, .asp, .htm, .html, .xml) because they have a higher likelihood of being infected by malware.  


How Infection Can Happen

  • Criminals target victims by scams
  • Victim unknowingly installs software by opening an email, clicking on a link or visiting an infected Internet site
  • Criminals begin monitoring the accounts
  • The next time the victim logs into their online banking, criminals collect login credentials
  • Criminals then wait for the right time to strike – in one of two ways:
    1. Criminals log in after hours so you are not immediately alerted to suspicious activity.
    2. If you are utilizing a token, the criminals wait until you enter your code and then they hijack the session and send you a message such as “online banking is temporarily unavailable.”

Infection via Email

Some experts feel that email is the biggest security threat of all. Email is the fastest, most-effective method of spreading malicious code to the largest number of users. As a best practice, it is recommended that you do not click any links within the email, but instead directly open a new secure browsing window to access the online banking site. Attachments delivered through email can be particularly risky, so do not open or even preview any attachments from an unfamiliar source. If you receive an email from SDCCU, make sure it contains the safety card that displays the last four digits of your account number.  

Common Types of Malware

  • Rootkits are a stealthy type of software, typically malicious, designed to hide the existence of certain processes or programs from normal methods of detection and enable continued privileged access to a computer.
  • You may have heard of “rooting” in reference to the process of removing operating system restrictions on an Android device. This is not recommended, as it makes the device more vulnerable to malware threats.
  • Scareware is a form of malware that misleads users into paying for the fake or simulated removal of malware and it has become a growing and serious security threat in desktop computing.
  • Most Scareware scams include a Trojan horse component, which users are misled into installing.
  • Common forms of Scareware:
  • Browser plug-in (typically toolbar)
  • Image, screensaver or ZIP file attached to an email
  • Multimedia codec required to play a video clip
  • Software shared on peer-to-peer networks
  • A free online malware scanning service
Trojan horse
  • A Trojan horse is usually a non-self-replicating type of malware program containing malicious code that, when executed, carries out a predetermined function, typically causing loss or theft of data and possible system harm.
  • When executed, a virus replicates by inserting copies of itself into other computer programs, data files or parts of the hard drive, thus corrupting or "infecting” the affected areas.
  • While most antivirus software can detect and block this malware, criminals often rely on psychological manipulation to trick victims into installing it.
  • A worm is malware designed to spread to other computers through the Internet or a shared network. It often relies on security failures on the target computer to infiltrate it.
  • Keeping your antivirus software updated is the best defense to worms. Outdated antivirus software may allow your computer to become infected if you simply view an infected email. Use caution when opening unfamiliar or suspicious emails. 

San Diego County Credit Union makes no representations or warranties as to the completeness or accuracy of the information that is supplied on this page. Information is supplied upon the condition that the persons receiving it will make their own determination as to its suitability for their purposes prior to use.