Warning
Dear customers,
ZAO Raiffeisenbank would like to alert you to the growing number of attempts at fraud through the Internet using malicious programs. There have been cases where the personal data of the users of online banking systems was compromised as a result of attacks on user computers by Sinowal and Banker Trojans (phishing scams).
Sinowal and Banker are the dangerous viruses primarily designed to collect user details (logins and passwords) entered while working on online systems, making it possible for other viruses infiltrate through a "backdoor" in the operating system.
The table below lists antivirus programs capable of detecting this type of viruses (Sinowal sometimes called Mebroot):
| Antivirus program |
Version No. |
Virus signature |
| «Sinowal» |
| AhnLab-V3 |
2008.2.27.0 |
Win-Trojan/MBRtool |
| AntiVir |
7.6.0.67 |
TR/PSW.Sinowal.GJ.20 |
| Avast |
4.7.1098.0 |
Win32:Sinowal |
| AVG |
7.5.0.516 |
PSW.Sinowal.C |
| CAT-QuickHeal |
9.50 |
TrojanPSW.Sinowal.gj |
| DrWeb |
4.44.0.09170 |
Trojan.PWS.Snap.310 |
| eSafe |
7.0.15.0 |
Win32.Sinowal.gj |
| Fortinet |
3.14.0.0 |
W32/Sinowa.A!tr.pws |
| F-Secure |
6.70.13260.0 |
W32/Sinowal.ALH |
| Ikarus |
T3.1.1.20 |
Trojan-PWS.Win32.Sinowal.gc |
| Kaspersky |
7.0.0.125 |
Trojan-PSW.Win32.Sinowal.gj |
| McAfee |
5237 |
Generic.dx |
| Microsoft |
1.3204 |
PWS:Win32/Sinowal.gen!D |
| NOD32v2 |
2903 |
probably a variant of Win32/PSW.Sinowal.Gen |
| Norman |
5.80.02 |
W32/Sinowal.ALH |
| Panda |
9.0.0.4 |
Adware/Lop |
| Sophos |
4.27.0 |
Mal/Sinowa-A |
| Symantec |
10 |
Trojan.Mebroot |
| TheHacker |
6.2.9.229 |
Trojan/PSW.Sinowal.gj |
| VBA32 |
3.12.6.2 |
Trojan-PSW.Win32.Sinowal.gj |
| Webwasher-Gateway |
6.6.2 |
Trojan.PSW.Sinowal.GJ.20 |
| «Banker» |
| Kaspersky |
îò 20 apr 2007 03:45 MSK |
Trojan-PSW.Win32.Banker |
| McAfee |
5018 (04/26/2007) |
PWS-Banker |
ZAO Raiffeisenbank keeps track of these incidents and takes the necessary precautions.
You can improve the protection of you data and help safeguard your work with online banking systems by complying with the following rules for online safety:
- keep your antivirus program current and regularly upgrade your virus lists;
- note that you need to submit a login (user name), password, and sometimes an authorization code given as an image on the authorization page in order to enter an online banking system; if you are requested to provide additional confidential data, it is likely a sign that you are working with a counterfeit page;
- do not enter any data on suspicious pages or data that is not usually requested;
- be careful not to click on links provided in suspicious e-mails and do not open files attached to them;
- do not answer suspicious e-mails asking for personal information, as the Bank would never request such data from you by e-mail;
- do not disclose personal information such as your login (user name), password, PIN2 code, and bank card number;
- if you notice any "strange" behavior on the part of the system, notify the Bank immediately.
The Bank reserves the right to confirm suspicious transactions by privately contacting the system client.
If you believe your personal data has been compromised, contact the Raiffeisenbank Information Center to block access to the system. The Information Center in Moscow can be reached at +7 (495) 721 9100; to call from other cities dial 8 800 700 9100; the call is toll-free in Russia.
connect.raiffeisen.ru, elba.raiffeisen.ru, ielba.raiffeisen.ru and i-elba.raiffeisen.ru are official web-sites registered in the name of ZAO Raiffeisenbank.
| 
Font size