Don't bank on password security

Sophos Press Release

Sophos, a world leader in IT security, has today warned users against storing internet banking passwords and PIN numbers on their computers, following a security threat which targeted online customers of UBS, one of the world's largest banks.

VBS/LoveLet-BD, the 56th variant of the Love Bug to strike, attempts to steal UBS customer account details and forward them to other email addresses, posing a serious threat to the integrity of UBS customer accounts.

"Saving your personal banking details on your computer is as daft as keeping your credit card PIN number on a slip of paper in your wallet," said Graham Cluley, senior technology consultant for Sophos. "This virus has highlighted a vulnerability in online banking. Users should remember passwords in their heads rather than on their computers to minimise risk."

Sophos advises that all customers should ensure that their anti-virus software is up-to-date. Customers should also consider blocking any VBS files from entering their organisation.

Sophos has published safe computing tips here.

More than 100 million users in 150 countries rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos’ award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at www.sophos.com/company.