Bank Safe Online


Stay informed...

Tell us about...

Frequently asked questions

Please select a question...

Trojans Explained

What are Trojans?

Trojans take their name from the term 'Trojan Horse' and are a type of computer virus which can be installed on your computer without you realising. Trojans can be capable of installing a "keystroke logger", which captures all of the keystrokes entered into a computer keyboard. Some specifically seek to capture passwords entered at certain web sites, by capturing keystrokes or taking screen shots of sites you visit. This information is then sent to the fraudsters over the Internet.

Typically the fraudsters send out emails at random to get people to click on a link from the email and visit a malicious web site where vulnerabilities in the web browser are exploited to install the Trojan. The emails are not normally related to Internet banking and try and dupe people into visiting clicking on the link to the malicious web site with a variety of excuses.

Firewalls, up to date antivirus software and anti-spyware programmes all provide the best defence from Trojans so it is important you use these to protect your computer.

Treat all unsolicited emails with caution and never click on links from such emails to visit unknown web sites.

How can I prevent myself from being infected by a Trojan?

Currently, most Trojans take advantage of vulnerabilities in the Internet Explorer browser used to access the World Wide Web. To protect against these vulnerabilities, if you use Internet Explorer, you should ensure that you are using the latest version of the software and it is essential that you download all of the Internet Explorer Critical Updates (also known as "security updates" or "patches") from the Windows Update site. You may also wish to consider using a different kind of web browser.

Just as you protect your house with locks on windows and doors and maybe also a burglar alarm, it is essential that you protect your computer by using up-to-date anti-virus software, doing regular scans of your computer to check for viruses, installing a personal firewall and also the latest security updates for your web browser and operating system.

Detailed advice on how to protect your computer is available on getsafeonline.org.uk.

Some Trojan emails contain code to download the Trojan when the message is previewed or opened using 'HTML view' in your email programme. It is always safer not to open messages from unknown sources and to read messages in 'plain text' only.

How to spot suspicious emails

The Trojan emails can masquerade as almost any kind of message, so you need to be treat all unsolicited emails you receive with caution, but the main similarity is that they try and get you to click on a link by alarming you (e.g. "Your credit card will be charged"), or by tempting you with some dramatic information (e.g. "Osama Bin Laden captured", "Terrorists target Olympic Games", "Someone sent you a private message"). You should consider using an anti-spam product to help to filter out such unsolicited emails.

Take a look at examples of Trojan emails

Malicious web sites

A malicious web site contains code which installs a harmful programme such a Trojan, computer virus or adware onto your computer. If visited, the web site may appear to be completely ordinary, but behind the scenes it will be installing the malicious code and this may not be apparent, although sometimes a programme will launch unexpectedly, or you may notice a lot of activity on your Internet connection as the files are downloaded. The malicious code may be disguised within the page, so cannot be easily be identified, unless you have specialist knowledge. Even the plainest looking page can conceal malicious code behind the scenes.

Example malicious web site pretending to be an empty page:

Malicious web site

Reporting suspicious emails

If you do receive a suspected Trojan email, please forward it to our report a scam email address.

For further advice on protecting yourself from Trojans visit getsafeonline.org

Reminder: