Which? uses cookies to improve our sites and by continuing you agree to our cookies policy

Cyber-attack warning after bank accounts targeted

Hackers may have stolen as much as £20m in the UK alone


Britain’s top crime agency has warned internet users to protect themselves against a new cyber attack that has seen fraudsters steal millions from UK bank accounts.

The National Crime Agency (NCA) says a new virus – Dridex malware – is being used by hackers to harvest online bank details and gain access to accounts across the country.

Unsuspecting consumers are being hit when they receive and open emails and attachments from seemingly legitimate organisations – a cyber crime known as ‘phishing’. 

Developed by technically skilled cyber criminals, UK losses are already estimated to run to £20m as a result of the new Dridex malware.

Read our tips for avoiding phishing and identity theft to stay safe.

Thousands of UK computers affected

Thousands of UK computers are thought to have been affected by the latest virus, with the NCA saying that at least one ‘significant arrest’ has already been made.

Mike Hulett, head of operations at the NCA’s National Cyber Crime Unit, said: ‘This is a particularly virulent form of malware and we have been working… to mitigate the damage it causes. Our investigation is ongoing and we expect further arrests to made.’

How do you get the virus?

According to the Office for National Statistics, internet banking use has nearly doubled in the past eight years – from 30% of adults in 2007 to 56% in 2015 – leaving an increasing number of consumers vulnerable to cyber attacks.

You may fall foul of cyber fraud if you open a phishing email or download an attachment from fraudsters pretending to be from your bank or from a trusted establishment. The email or attachment can contain a computer virus like the Dridex malware. Never open emails or attachments from sources that you’re unsure of.

If you’re ever unsure, call your bank directly. Don’t ever respond to the email as this alerts the fraudster that the email address is ‘live’.

Falling victim to online bank fraud

In order to protect yourself, firstly make sure your computer or laptop is protected with a good security program and anti-virus software. Keep them all up-to-date, along with your browser.

You should check your account regularly to pick up on any irregularities and contact your bank as soon as possible if you think you’ve been a victim of fraud. 

Your bank is responsible for passing details of the fraud to the police.

Your bank must refund the amount of the transaction and restore your account to the state it was before the transaction was made, unless it can prove you’ve acted fraudulently or been grossly negligent.

Importantly, you don’t have to prove that you weren’t negligent – it’s for the bank to prove that you were. 

More on this…

Back to top