Pharming attacks are becoming so sophisticated that it is almost impossible to tell fake bank websites from the real ones. One expert urged users to stop using the internet to access bank accounts.
The attacks, which involve redirecting a user to a spoofed website by 'poisoning' the local domain name server (DNS), have been gathering pace in Europe over the last few months. David Perry, global director of education at Trend Micro warned users to avoid using bank websites.
"I would avoid banking online as you just can't tell if you are experiencing a pharming attack," he told journalists at the Virus Bulletin conference in Dublin, Ireland, "I would say to people 'stop banking online'."
While banks introduce new security measures, it appears that criminals are finding ways around them fast, Perry said. "Cybercrime today is much more sophisticated. Malware has reduced trust in the internet."
Other experts disagreed and said there was no reason to stop banking online.
Graham Cluley, senior technology consultant at Sophos said he felt safe with online banking but added "I think there's a lot more that the banks could do in terms of security."
He urged banks to introduce more secure ways for customers to authenticate themselves and the banks could do more to reassure their customers that the systems were safe.
"Banks should give customers the option to ask the bank a security question that only they could know the answer to – it wouldn't be hard to implement," said Cluley.