These days it is extremely common to encounter sophisticated malicious software that has been designed to capture and transmit data such as passwords and bank details. Attackers are frequently making use of captured details, primarily for financial gain, but not necessarily through the traditional methods of fraudulent credit card purchases or withdrawals from bank accounts; almost any information captured potentially has value.

This document is intended to give some advice to those whose systems have been infected with such malware. If you have been affected then we encourage you to follow the advice in order to reduce the risk of your accounts being attacked. We appreciate that the advice may seem daunting, but in the long-term it may save you work. Please do not be afraid to approach your IT officer or the OUCS helpdesk for assistance or further advice.

One first piece of advice is that if you believe your machine is infected with such malware, for example if you have been told by an IT officer that your machine is blocked for this reason, do not try to connect it to a network elsewhere until it has been cleaned. There may be data that has been captured and is stored on your machine but not yet transmitted to the attacker's site. There is nothing to be gained by giving them more of your passwords or other data.

Sections in this document: