According to The Register as reported in the Washington Post, one of the biggest bill-paying sites on the Internet, CheckFree.com, has been hacked, potentially opening up its customers to malware. On Tuesday, December 2nd, customers logging in to pay their bills were apparently redirected to a Ukrainian server which attempted to infect their computer.

A CheckFree spokesperson acknowledged the attack and claimed that the company wrested control back from the hackers by dinnertime the same day. (Update: The CheckFree spokesperson tells me that the problem began in the very early morning of Dec. 2, and by 10:10 a.m. the company had successfully plugged the leak). While CheckFree has not yet finished analyzing the uploaded malware, the spokesperson told the Post that the severity of the infection would be related to the anti-virus software running on the customer's computer and the browser used to access the account.

A researcher for Trend Micro told the Post that the virus was a Trojan horse program designed to obtain the customer's user names and password.

According to CheckFree, almost a third of all Americans now pay bills online. CheckFree accepts payments for hundreds of companies, includes AT&T, Bank of America, Chevron, DIRECTV, and Time Warner. I don't see any Ukrainian companies on the list, though. Yet.

I'm awaiting a return call from Checkfree to learn what actions customers concerned about the security of their data might take, and will update this post as soon as I have this information. The company's published guarantee states that, when notified within two business days of a unauthorized transaction, your liability will be limited to $50. If you pay through CheckFree.com, I'd suggest checking your linked accounts regularly through the day until this situation is resolved.

Addendum: A spokesperson at Fiserv, the parent company of CheckFree, contacted me with details of the company's response to this intrusion. She assured me that the hole in CheckFree's system had been patched promptly, that the company is already notifying affected users, and that those affected will receive free copies of McAfree antivirus software as well as free McAfree scans of their computer and the Deluxe ID Theft Block credit monitoring service. She also clarified the risk; users whose anti-virus program was out of date or who had no anti-virus protection could have been "subject to a malicious software download."

Have you ever been surfing the internet, when suddenly a box pops up, suggesting your computer might be infected with a virus and you should "click here to protect your computer"?

The absolute worst thing you can do is click there. At best, these are shady advertising tactics that mislead consumers and scare them into buying software or services they may not even need. At worst, they're the product of malicious criminals who want to infect your computer with a Trojan horse and corrupt your data and/or spy on you.

These Trojan horses are often set up to log your keystrokes (keep track of everything you're typing) so that the criminals can steal your logins and passwords. With so much online banking and online bill paying, you can imagine what might happen if someone had access to all your passwords. Consider your bank account emptied, and credit cards maxed out.

So what do you do if one of these mysterious boxes pops up? Whatever you do, don't click on the box. Try to close it, and make sure that nothing is being installed on your computer. When in doubt, shut off your internet connection until you can close out the box and restart your computer if necessary. Install popup blocking software and a firewall (legitimate stuff) that will help protect your computer in the future.

Tracy L. Coenen, CPA, MBA, CFE performs fraud examinations and financial investigations for her company Sequence Inc. Forensic Accounting, and is the author of Essentials of Corporate Fraud.