While some scams require you do to do some of the work to get them started--- not all need a helping hand.
Banking trojans are invisible and remain dormant until you log onto your bank's website, unaware you're being watched.
It then steals you username and password by capturing keystrokes or copying the log-on page after you've filled it out.
You can get a banking trojan by clicking on a link to a greeting or a video that arrives in e-mail spam.
They can also be picked up by going to a web page that's been corrupted by hackers.
According to an internet security firm, more than 59,000 banking trojans circulated the internet in 2008, compared to nearly 16,000 the year before.
"Man in the middle" banking trojans go a little further.
One type will make illicit cash transfers while the victim is legitimately logged on.
Another can reproduce a copy of a web page showing account balances--- except with balances altered to show what the victim expects to see.
This buys time for the thief to drain the account and hide his trail.
Despite these types of trojans, the American Bankers Association says online banking is safe.