Cyber fraudster have looted more than SKr8 million from Nordea bank accounts in just three months after unleashing a trojan program which is designed to steal account details and passwords.
According to local press reports, Russian criminals have been using Trojan viruses to infect the computers of Nordea customers. More than 250 customers are thought to have fallen victim so far.
The Trojan e-mail encourages recipients to download a spam-fighting application. The program activates when users log in to online accounts and saves any data submitted - including one-time passwords used by Nordea customers. The application also displays an error message asking the customer to resend the info so the criminals end up with two access codes.
Police investigating the fraud have found that the stolen customer data was sent to servers in the US before being forwarded to Russia and being used to access and drain bank accounts.
Nordea has reportedly known about the attacks "for some time" but has not yet made a public statement. The Scandinavian bank is also reported as saying that it will compensate customers who have fallen victim to the trojan attack.
In 2005 hackers targeted Nordea's paper-based one-time password security system by sending out spam e-mail directing customers to bogus sites where they were asked to enter their account details along with the next two single-use password on a list issued to them by the bank on a scratch sheet.