This is a pretty scary story:
David Green normally only accessed his company’s online bank account from his trusty Mac laptop. Then one day this April while he was home sick, Green found himself needing to authorize a transfer of money out of his firm’s account. Trouble was, he’d left his Mac at work. So he decided to log in to the company’s bank account using his wife’s Windows PC.
Cut a long story short, there was a password stealing Trojan on the PC and criminals accessed the bank account and pulled out $100,000 in $5,000 and $10,000 chunks.
Now, it's easy to think that this guy would have been protected if he'd had proper, up-to-date antivirus installed on his PC. Well, as Brian Krebs points points out, maybe not ...
What’s more, the tools these crooks are using — mainly the Zeus Trojan — almost always outpace anti-virus detection at least by a few days, and by then it’s usually too late.
The question is, who or what to blame? Is it user error? Is it the fault of Windows? Is it the bank's fault?
Another question worth asking is this - Is Windows just far too big and juicy (and easy) a target for hackers that folks still using the platform for sensitive work as asking for trouble? After all, there's absolutely no questioning the fact that this attack would not have worked on the Mac or Linux platform. This firm lost $100,000 due to using Windows. Period.
Oh, and if you do have good security practices in place, make sure you use them ALL THE TIME!!!