InfoSec Blog - Banking Trojans

Banking Trojans

January 11, 2019

There has been a significant rise in cyber security activity involving banking trojans recently, including Trickbot and Emotet. Banking Trojans are becoming more dangerous and disruptive, and once infected, users may have a hard time detecting and removing them from their devices. It's more important than ever to prevent them from gaining a foothold and to respond effectively if they do.

Banking Trojans are a type of malware designed to steal credentials, with a specific focus on banking credentials for online banking services. Once cybercriminals have your online credentials they may use them to access to your financial accounts, steal your money, and steal your identity. 

This type of malware typically spreads via:


Awareness of this threat is one of the most important steps you can take to help avoid infection:

  • Know how to recognize a phishing message
  • Exercise caution with your email. Verify embedded links and scrutinize email attachments, particularly Office documents that contain macros
  • Practice safe web browsing habits. Keep your browser and extensions patched, do not click on pop-ups, use a pop-up blocker, avoid clicking on unknown links, and only visit known trustworthy sites
  • Only download mobile apps from official app stores and carefully read reviews before installing new apps
  • Take cyber security awareness training available in CourseLink (Students - Employees)
  • Keep all of your computers and mobile devices current with security updates
  • Run anti-malware on all of your computers and mobile devices. This applies to Macs and Linux systems as well - they are not immune
  • Carefully monitor your bank account and credit cards for suspicious activity


If you have reason to believe your system has been infected with a banking trojan:

  • Disconnect infected machines from the network (wired and wireless) as soon as possible
  • Change passwords for any personal accounts they may have accessed through the machine
  • Contact the CCS Help Centre for assistance 
  • Contact your bank if you have detected suspicious activity on your account


Written by: Stephen Willem (Manager, Information Security)​