German police have arrested five men in Bonn on suspicion of stealing €30,000 through phishing fraud and Trojan horse attacks.
A sixth man associated with the group, which is suspected of targeting Postbank online account holders, is said to be on the run.
More than 12 million people hold Postbank accounts. According to German news Web site Heise.de, phishers targeted a large number of Postbank customers in Trojan horse and phishing attacks earlier this year, attempting to steal passwords and login information.
"We are increasingly seeing organised criminals writing Trojan horses to monitor the activity of innocent computer users," said Graham Cluley, senior technology consultant for Sophos. "They wait for them to visit a legitimate banking Web site before stealing their essential login information."
Former White House cyber security advisors Richard Clarke and Howard Schmidt have called for banks to implement two-factor authentication, such as RSA's SecureID, in a bid to halt phishing attacks. Microsoft has backed the call.
The Association of Payment and Clearing Houses (APACS) said that it was looking into using the technology, but had made no decisions yet.
Phishing attacks began in January this year. Clarke added that online transactions cost half of one percent of a physical banking transaction.
Russian antivirus company Kaspersky Labs recently said that 90 percent of malware is created and sent by criminals looking to steal money.