Skip to main content

The National Crime Agency (NCA) has warned internet users against a malicious form of malware software that has allowed criminals to steal millions of pounds out of UK bank accounts. It is estimated that around £20 million has been lost so far. The malware Dridex, also known as Bugat and Cridex, is thought to have been developed in Eastern Europe by conmen in a bid to retrieve online banking details.

Tell us more

The NCA revealed that computers become infected with the malware when users receive and open seemingly legitimate emails that appear to be from their bank or account provider. Thousands of computers are believed to be affected in the UK, with the majority being Windows users. Dridex is unable to install itself on other operating systems such as Mac OS X or launch on mobile devices.

While criminals are believed to be largely focusing on financial institutions and a variety of different payment systems, members of the public are thought to have been victims as well. The agency is currently working with the FBI to ‘sinkhole’ the malware, meaning they’re trying to stop the infected computers (known as a botnet) from communicating with the cyber criminals that are controlling them. A large portion of the botnet has now been made harmless and action is being taken to safeguard victims.

Assistance from Europol, GCHQ and Moldovan authorities has led to one arrest, although more are expected to follow. Robert Anderson, an assistant director at the FBI called upon internet users to protect themselves: “We urge all internet users to take action and update your operating system. Ensure you have up to date security software and think twice before clicking on links or attachments in unsolicited emails”.

What can we do?

Echoing the advice given by Robert Anderson, you can protect yourself from Dridex by doing the following:

• Make sure you use legitimate antivirus software that’s up-to-date. You can download a number of anti-virus tools, by visiting the CyberStreetWise and GetSafeOnline websites.

• Don’t open attachments, documents or click on links if you receive an email from an unfamiliar source.

• If you’re unsure of a link attached in an email, go directly to the website.

• Utilise the anti-spam solutions made available by your Internet service provider.

• Keep all software up-to-date, companies like Microsoft, Google, Adobe and Java regularly issue important security updates, so look out for these. This will help to block viruses and other malware from installing. You can check for missing updates and easily fix them on your PC, phone or tablet here.

• Never use the same password for more than one website, as if one site is hacked all of your other accounts will be compromised.

• For extra precaution, add ‘two-factor authentication’ where available for all important accounts. This adds a second level of security to the log-in process, where you’ll usually have to input an additional password or PIN that you can use only once. This will stop anyone who might have found out your passwords from being able to login.

If you think your computer may have been infected by this software, you can use free anti-virus tools like F-Secure, McAfee and Microsoft to scan and remove Dridex as well as other malicious malware. If you believe you have lost money as a result of this scam, get in touch with your bank immediately, and then contact Action Fraud. You can do this by ringing them on 0300 123 2040 or use their online reporting tool.

For more help and support on keeping your money and your account safe read our detailed guide.

Legal Information