Banking Trojans steal sensitive information, including banking login details and memorable information, from infected machines. The Trickbot banking trojan is being used in cyber attacks against small and medium-sized businesses, and individuals in the UK and overseas.

Trickbot attacks are designed to access online accounts and obtain Personally Identifiable Information (PII) which can be used to facilitate identity fraud.

Trickbot exploits trusted commercial and government brands using well-crafted phishing emails to infect devices. It then spreads by infecting other devices on a network, and downloads further malware e.g. ransomware.


Proactive action to take now
Run a full scan on all devices using up to date antivirus / anti-malware software, such as Windows Defender. This should detect and remove Trickbot infection.

Protect business and personal banking facilities (including where employees have accessed personal banking from work devices)

  • Consider changing passwords and memorable information for any corporate, business or personal internet banking facilities/other online resources accessed from the infected network.
  • Review bank and credit card statements for suspicious activity and report any findings to your bank. Advice any employees who have accessed online banking facilities from the affected network to do likewise.

Protect your devices and networks by keeping them up to date

  • Apply security patches promptly.
  • Use Antivirus and scan regularly to guard against known malware threats.

Use Multi-Factor Authentication (MFA)

Mitigate against password guessing and theft, including brute force attacks by using MFA. MFA can also be called two-step verification or 2-factor authentication (2FA).

Further guidance for IT professional

The NCSC released Trickbot specific guidance which can be found on their website at

If you've been affected by this or any other type of cyber crime, report the details to Action Fraud (0300 123 2040 / Always keep an eye out for any suspicious follow up activity as well.

By using this website you agree to our use of cookies to enhance your experience. I understand

Nuclear Conference

Nuclear South West Conference 2019

The Somerset Cyber Group (with BLUELOOP being one of the members) will be exhibiting at the upcoming Nuclear South West Conference 2019 at The McMillan Theatre, Bridgwater on 2nd and 3rd October 2019.

With a theme of ‘Bringing Innovation to Nuclear’, this two-day showcase and conference highlights current and future opportunities in New Build, Decommissioning, Defence and new technologies, including SMRs. 

Our team will be on hand to discuss basic steps in good Cyber Security practice to ensure that all members of the supply chains, no matter how large or small, can ensure that they aren’t the weakest link.

For more information visit: or to book, visit: