Online banking compromised by virus

WEST LAFAYETTE, Ind. (WLFI) - Several members of the Purdue Employees Federal Credit Union contacted PEFCU recently, saying the online banking Web site was asking for some personal information.

After the PEFCU Information Technology department examined a couple of members' internet browsers that were compromised, it determined the cause of the problem was a virus on those computers.

"We were able to determine that their PCs were infected with a virus that was targeting not just PEFCU's system, but that was targeting any online banking system that you would try to authenticate to," said Phil Pajor, PEFCU's Information Security Manager.

PEFCU IT staff tested out larger banking systems' Web sites on these computers, to similar effect. In some cases, they were even asked for a social security number, or found a "Verisign Secured" symbol. PEFCU officials say this is a well-written virus that looks very authentic.

"It doesn't change the URL line," Pajor said. "In the past if you got an email, it would ask you to go to the site, but if you looked at the line you would see you were in Russia or China or some place that you knew you shouldn't be."

And even if your virus protection is up-to-date, that doesn't guarantee you're protected, he added.

"One of them was up-to-date and the virus protection still did not catch this," Pajor said. "It's a pretty low level infection in the Windows system. And so unfortunately what we've had people have to do so far, or what we've asked people to do so far, has been to start over and reload their PCs."

PEFCU officials said they will never ask you for your card number, PIN, or any other personal information. If your banking Web site asks you for this type of information, do not give it out and contact your financial institution immediately.

If you do mistakenly submit any of this information, you should have your card reissued and change any information you've shared.