Targeted virus attack against UBS e-banking clients who use UBS PIN software.
A new e-mail virus which attacks UBS PIN software has been released. The identity of those responsible is as yet unknown. An analysis by UBS has shown that only a small proportion of UBS e-banking clients are at risk. The vast majority do not use PIN software and are therefore not affected by the virus. There are no reports of damage as yet. UBS IT specialists set up virus filters yesterday morning, and this successfully prevented the virus from spreading within UBS. UBS is preparing to take legal action against whoever is responsible.
Like the "I LOVE YOU" virus, this new variant is spread via the e-mail program Microsoft Outlook. The virus comes with "Resume" in the Subject field and an attachment bearing the name "resume.txt.vbs". As soon as this attachment is opened, the virus attempts to steal scratch list numbers from the UBS PIN module. It cannot do so if the user has configured UBS PIN according to the installation instructions provided.
Anti-virus software companies are already offering updates that can detect this new virus. UBS recommends that all clients who use UBS PIN install suitable anti-virus software and update it regularly.
UBS e-banking clients who use UBS PIN on their PC AND have opened the e-mail attachment named above should proceed as follows: block your e-banking authorization immediately by entering an incorrect password three times, then inform the e-banking hotline on 0848 848 062 without delay.
Provided the usual Internet security guidelines are adhered to (i.e. never open unfamiliar or suspicious e-mail attachments and use up-to-date anti-virus software), UBS e-banking is a safe and reliable Internet banking solution.
UBS clients will be informed via the UBS e-banking homepage.
Basel / Zurich, 17 August 2000