In response to the increased adoption of stronger authentication, cybercriminals are changing their tactics, according to Alex Shipp, a senior antivirus technologist at MessageLabs.

"We have recently seen a move away from stealing user name and passwords," Shipp said during a panel discussion at the 2006 RSA Conference in San Jose on Thursday. The new "bank-stealing Trojans" wait until the victim has actually logged in to their bank. "It then just transfers the money out."

"All of the authentication, little keys you have to have in your hand, biometrical things, it doesn't matter. The bad guy just waits until you're there and then takes the money out," Shipp said.

This new type of Trojan is on the rise and is currently number three on the list of most common threats, according to Shipp. The most-seen threat today is remote control code used to maintain networks of zombie PCs, or botnets, he said. Second are phishing scams, which seek to dupe computer users into giving up personal information, Shipp said.

This news article was written on February 21, 2006, quoting ZDNet.